urlscan.io logo urlscan.io
SecurityTrails logo

www.xyg688.com Open in urlscan Pro
2606:4700:3035::6815:1c42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.xyg688.com/
Effective URL: https://www.xyg688.com/
Submission: On January 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 9 countries across 44 domains to perform 446 HTTP transactions. The main IP is 2606:4700:3035::6815:1c42, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xyg688.com.
TLS certificate: Issued by GTS CA 1P5 on November 25th 2023. Valid for: 3 months.
This is the only time www.xyg688.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 36 2606:4700:303... 13335 (CLOUDFLAR...)
65 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 54.36.211.7 16276 (OVH)
2 27 2a00:1450:400... 15169 (GOOGLE)
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 142.250.74.194 15169 (GOOGLE)
8 172.217.23.102 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 41 142.250.186.34 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
3 4 185.89.210.180 29990 (ASN-APPNEX)
7 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
3 8 2.16.97.41 16625 (AKAMAI-AS)
4 3.71.149.231 16509 (AMAZON-02)
2 89.149.192.201 60781 (LEASEWEB-...)
24 116.202.48.214 24940 (HETZNER-AS)
2 8 94.130.102.164 24940 (HETZNER-AS)
1 4 178.63.52.121 24940 (HETZNER-AS)
1 4 138.201.63.149 24940 (HETZNER-AS)
3 138.201.63.164 24940 (HETZNER-AS)
3 144.76.104.53 24940 (HETZNER-AS)
6 2a0b:4d07:101::1 44239 (PROINITY ...)
14 91.121.248.44 16276 (OVH)
6 18.132.155.94 16509 (AMAZON-02)
6 23.56.205.163 16625 (AKAMAI-AS)
6 12 142.250.184.230 15169 (GOOGLE)
4 4 94.23.99.218 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 3 2620:116:800d... 16509 (AMAZON-02)
5 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 3.33.220.150 16509 (AMAZON-02)
1 1 3.123.94.79 16509 (AMAZON-02)
3 3 35.190.0.66 15169 (GOOGLE)
2 2 92.123.17.8 16625 (AKAMAI-AS)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
6 18.66.147.52 16509 (AMAZON-02)
6 99.86.4.52 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 34.91.62.186 396982 (GOOGLE-CL...)
2 18.184.81.93 16509 (AMAZON-02)
4 4 37.157.4.28 198622 (ADFORM)
6 6 18.197.162.124 16509 (AMAZON-02)
3 3 151.101.194.49 54113 (FASTLY)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.250.1.9 44788 (ASN-CRITE...)
2 2 51.89.9.252 16276 (OVH)
1 1 35.186.193.173 15169 (GOOGLE)
12 13.42.80.79 16509 (AMAZON-02)
446 47
36    2606:4700:3035::6815:1c42 (United States)

ASN13335 (CLOUDFLARENET, US)
www.xyg688.com
65    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
gcore.jsdelivr.net
5    54.36.211.7 (France)

ASN16276 (OVH, FR)
PTR: ip7.ip-54-36-211.eu
cravatar.cn
27    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
15    2606:4700:3038::6815:eabb (United States)

ASN13335 (CLOUDFLARENET, US)
images.weserv.nl
2    2606:4700:20::ac43:4528 (United States)

ASN13335 (CLOUDFLARENET, US)
s2.loli.net
10    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
48    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
14    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googleadservices.com
8    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
41    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
8    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    89.149.192.201 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
24    116.202.48.214 (Krefeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de
hal9000.redintelligence.net
8    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
4    178.63.52.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de
hal900020.redintelligence.net
4    138.201.63.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
3    138.201.63.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal90006.redintelligence.net
3    144.76.104.53 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal900022.redintelligence.net
6    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
14    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
6    18.132.155.94 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
track.webgains.com
6    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
12    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
8019191.fls.doubleclick.net
4    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
6    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    3.123.94.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-94-79.eu-central-1.compute.amazonaws.com
d.agkn.com
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    92.123.17.8 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-8.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    2a05:d018:d29:3602:567b:9400:1b2a:e999 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
6    18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net
analytics.webgains.io
6    99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    18.184.81.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-81-93.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    18.197.162.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-162-124.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
12    13.42.80.79 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
113 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
1 MB
88 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 316880
354 KB
46 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 47118
hal900012.redintelligence.net — Cisco Umbrella Rank: 358947
hal900020.redintelligence.net — Cisco Umbrella Rank: 350410
hal90009.redintelligence.net — Cisco Umbrella Rank: 355501
hal90006.redintelligence.net — Cisco Umbrella Rank: 426333
hal900022.redintelligence.net — Cisco Umbrella Rank: 316061
361 KB
36 xyg688.com
www.xyg688.com
441 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
302 KB
18 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 35667
api.webgains.io — Cisco Umbrella Rank: 70957
115 KB
18 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 39084
medialead.de — Cisco Umbrella Rank: 38855
5 KB
15 weserv.nl
images.weserv.nl — Cisco Umbrella Rank: 108024
428 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 6
adservice.google.com — Cisco Umbrella Rank: 189
1 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
927 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
648 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
9 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
2 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
5 KB
6 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 77762
13 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15485
4 KB
6 webgains.com
track.webgains.com — Cisco Umbrella Rank: 60073
11 KB
6 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 340274
5 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
2 KB
5 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5728
516 B
5 cravatar.cn
cravatar.cn — Cisco Umbrella Rank: 412885
59 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
3 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
1 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
831 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 943
725 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
291 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1449
r.turn.com — Cisco Umbrella Rank: 6381
869 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 3513
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
297 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
400 B
2 loli.net
s2.loli.net — Cisco Umbrella Rank: 114340
52 KB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 14785
624 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 1340
735 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
46 KB
1 jsdelivr.net
gcore.jsdelivr.net — Cisco Umbrella Rank: 458331
23 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
446 44
Domain Requested by
65 pagead2.googlesyndication.com www.xyg688.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
48 tpc.googlesyndication.com googleads.g.doubleclick.net
www.xyg688.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
41 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
36 www.xyg688.com 2 redirects www.xyg688.com
27 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.xyg688.com
googleads.g.doubleclick.net
24 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900012.redintelligence.net
hal90009.redintelligence.net
hal90006.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
15 images.weserv.nl www.xyg688.com
14 pv.medialead.de hal900012.redintelligence.net
googleads.g.doubleclick.net
hal90009.redintelligence.net
hal90006.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
14 fonts.gstatic.com fonts.googleapis.com
12 api.webgains.io analytics.webgains.io
12 www.googletagmanager.com adv.office-partner.de
www.googletagmanager.com
12 8019191.fls.doubleclick.net 6 redirects www.xyg688.com
googleads.g.doubleclick.net
10 www.googletagservices.com googleads.g.doubleclick.net
www.xyg688.com
10 fonts.googleapis.com googleads.g.doubleclick.net
hal900012.redintelligence.net
hal90009.redintelligence.net
hal90006.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
8 hal900012.redintelligence.net 2 redirects googleads.g.doubleclick.net
hal900012.redintelligence.net
8 sync.teads.tv 3 redirects googleads.g.doubleclick.net
8 ad.doubleclick.net www.xyg688.com
googleads.g.doubleclick.net
7 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
6 pm.w55c.net 6 redirects
6 cdn.track.production.webgains.team googleads.g.doubleclick.net
track.webgains.com
6 analytics.webgains.io track.webgains.com
6 adservice.google.com 8019191.fls.doubleclick.net
6 www.awin1.com hal900012.redintelligence.net
googleads.g.doubleclick.net
hal900022.redintelligence.net
6 track.webgains.com www.xyg688.com
6 adv.office-partner.de hal900012.redintelligence.net
hal90009.redintelligence.net
hal90006.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
5 dclk-match.dotomi.com googleads.g.doubleclick.net
5 www.gstatic.com googleads.g.doubleclick.net
5 cravatar.cn www.xyg688.com
4 c1.adform.net 4 redirects
4 medialead.de 4 redirects
4 hal90009.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90009.redintelligence.net
4 hal900020.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900020.redintelligence.net
4 ups.analytics.yahoo.com googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googleadservices.com www.xyg688.com
3 sync-tm.everesttech.net 3 redirects
3 ads.travelaudience.com 3 redirects
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 hal900022.redintelligence.net hal9000.redintelligence.net
googleads.g.doubleclick.net
hal900022.redintelligence.net
3 hal90006.redintelligence.net hal9000.redintelligence.net
hal90006.redintelligence.net
2 onetag-sys.com 2 redirects
2 dis.criteo.com googleads.g.doubleclick.net
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 x.bidswitch.net googleads.g.doubleclick.net
2 um.simpli.fi 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 match.adsrvr.org googleads.g.doubleclick.net
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 s2.loli.net www.xyg688.com
1 ius.ctnsnet.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 d.agkn.com 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 gcore.jsdelivr.net www.xyg688.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
446 60

This site contains links to these domains. Also see Links.

Domain
www.zzzzz688.com
www.zzzz688.top
www.ixyg688.com
Subject Issuer Validity Valid
xyg688.com
GTS CA 1P5		 2023-11-25 -
2024-02-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-27 -
2024-06-25		 a year crt.sh
cravatar.cn
Encryption Everywhere DV TLS CA - G1		 2023-06-30 -
2024-06-30		 a year crt.sh
weserv.nl
GTS CA 1P5		 2023-12-13 -
2024-03-12		 3 months crt.sh
loli.net
Cloudflare Inc ECC CA-3		 2023-04-05 -
2024-04-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
redintelligence.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
adv.office-partner.de
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh

This page contains 66 frames:

Primary Page: https://www.xyg688.com/
Frame ID: E2ABC88456AC069E890C36CE65DF2492
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: E91C2BE3A395FFF032E28DA2158AADAD
Requests: 1 HTTP requests in this frame

Frame: https://www.xyg688.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 59A93119B1C16323C59359B005EECF06
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&adk=1812271804&adf=3025194257&lmt=1705052732&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731748&bpp=31&bdt=1213&idt=237&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7409356389534&frm=20&pv=2&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 2D4E661169BADECEA5821D9C5703A557
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Frame ID: F050ACFAA77E80644E104F38ECF9B900
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Frame ID: 21A1E830DAA5723786B13F82948F4F15
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: F95382BFEE7CAD8B444160D7AEBBF214
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Frame ID: FAD6995A735CD9A217C99BC0932F393F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Frame ID: E28E6251098F3CE9D83508007900B8BE
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Frame ID: E115443EE893159B8C5BD8A448AC9AF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Frame ID: 0070CE5D308EBED0C0BD41792BA7ADA8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Frame ID: C9B4B9F440F5AC5D264E8EDC33CAB58F
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Frame ID: C2F6F8BA4F4D5A3989555F22C26A6A3E
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 91C26D20335C531FEB815F87C666BBA0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 15D891BC6C5E823EDB9516480FA9EF5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: E501A60121865C9CF2077A926AC83B5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Frame ID: C237AF2E89A34889F59EC7A69D065DD1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Frame ID: 83589879C91452725029AFF0C7F5BDA4
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D834ED64FF8829FE51C85402ADA08097
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Frame ID: C9B6C477AC3F1A38BBEEA5FEC75128E6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 98ABC61CA4046949E4572C99F71981FA
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A3849391FF8350DC9153CD584D3F5420
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNV6yLwYBXC255eTNdaezbt3Y3CPYDyJqdgCawc0DZajNXZX9U78A6DD41HesYuU2yZjmdZOynWHCIDJmn-lyVyZObanxiRu2st7l6RvbXHIuHQJ3rFwziFz9uNLkllH8cvIdwj5fqxp--jCv98Z07NAeEG8ZMVNLJRHj3rDVMgFKoIyu1E
Frame ID: A8FF3C617DEC6C41AFA1D04896535B6C
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXvOfNLzUM4HVgfxIUfSQBvim9fUZIj0-N2JS9OzxgjeXWHLjZAhvlg0yvRYx3Rm-RjbudrSMC2ciGI6uBzJK-i2pId0GvaRq-tfxF3-7y6uRaeY5J1AshpY38tZ_Dlb5GTaZXNvz1uRZX3gHVZuUYTpqcv7hmljkVB1uhKAPQtvLpQ5rs
Frame ID: 2ECEF91E80B4CFF01E395B2E95028A15
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXjvkAZRVNKu-PBQ_ycoV5KSFEguZzXY416HzZyNZbZ76oBnEzDyZK7u6LuMns7kHk7gcXmSmzIa0O7nlKHgGdHXpbjdjI9n9Chei3WqTKekBhuTQzdA3H1jSc7iapodCmwrW0rulZ85GKx5MrCtQK555e9ygJu0lv2mJG0IfHq4UjJjOM
Frame ID: B3B725172F20DE4DE65C53823CB77592
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUGCvNww36Aycq7SYrHUdtShoOCc3Ou7Ddx-CY73TSoc62DwDasz-J746dOrKOg4uo_0aO92T92zW2kIPwJCSdE_aoyuAz2jqYryG9L2fic8xkEU7uRO2i16pbIf48IvtVpc0nMgAx7wj_RgCNmVOpE5jh4OTiRMfINNeLhjAwxMYTqQkk
Frame ID: 2EF6FCA6F6029CE334F85EDC046562F1
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNWtuySX2oEkXU2MhvXC_2WrjDQhKum7fYqrPbcArVQG6-DlZxWaPaMInc1QAjoXfqlNDveSh1NlmbZxzsZSxLRCcshMCCPun7bg39JD8VRIPaLDpbTGyVS1Z4FqDLwTNGIOvuMMxZk-S-_J-mv5bvuungznxmCNBbN9xDkg2CbG3auCntQ
Frame ID: 505497BFE65CFA24FCAB1DE1BF9BCBD1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 9D3CDDB11DEDC222DFF820D1D5D5CD80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E1E1CEA2CAD775D2FA8D948263654748
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3949049A21CB9F5BCBC078E42803BD8F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 936D60A39CD2250575DEC2CAE49377C2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D56F7659DA5AED9F43E622E8601D2FCE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2F27575871C539C41B299EAC5A9666BE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8905F3F9386328EF81F9A9D6375018C5
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 1E9ED63B0A234C3204EF7BD2306EB281
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=69768200051962804445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 090ECD8C77964A1E05DBB06D15629650
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7C8DB06564BB97F5124530CA3022E690
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: ADEFF5BDEE9D472313D268BB8848A625
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965
Frame ID: 570A0BDC30BBDF9C15E8C609C407F993
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Frame ID: 1E775F7240E99A4D7DE3D39C0E4AD8BC
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FF9A654D217F0A36904F553B97257151
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 29853E48147BBBF015149D8BCEAD660C
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792
Frame ID: 1DC9E4D8A0CA4666CFE318D20CE9D9FB
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Frame ID: 3B2AFC31ACFF6CFFA17A6F6CD68A3DF6
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: ACE714CED11A953121AE254BAC4E40F8
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 3A1C82426BCBC5E7C28F1DD077C54862
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248
Frame ID: EEAD80233FEF0ADDF610A84C79B77B2D
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Frame ID: 53437B4E487483A401DF0A023B7FF604
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FF5F51100179490C5AB9E03FA2E0A20
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0A92990E2E473B65D2F2602CAC93E33E
Requests: 9 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F5CDAB060EF0BB1B6D27AFB6A9244064
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 6D0AFFF8F5EE13576FBD5E074735F55E
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553
Frame ID: A1872BAA928CD1C103E3DCE1B95B928C
Requests: 2 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Frame ID: 9583685A3D6226F27CB81822AEC2F0E3
Requests: 8 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CF584881986E141E9CE6F5884A6C835B
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=89152800055145804445006012567022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 4BDD87AF5E0479D1F9052A047BDC2D3F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D2971FE9C9AE918E11C392CEBDE12C1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 836E1348EAC56C52BD4A85E65E6B8C93
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022
Frame ID: F25A251B1E9550F16F8B27D0494FCD69
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Frame ID: 1CEAE91BCCF3222F3B02E3C0C5B757E3
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9304D433F584454E10215B479E366CBE
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443
Frame ID: 82E32C542251D75F2E97831072B2DE03
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Frame ID: 9D51C607257B0836C33BA68C927B6CAE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D8890E2CC1C9249F43A0043A5995951
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9CE9EC6ADA45B2BF1CA449BF18E4426B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5D9D4E75E6A0CBD37541B4455267B19B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

小妖怪分享|兴趣使然的资源搬运Blog

Page URL History Show full URLs

  1. http://www.xyg688.com/ HTTP 301
    https://www.xyg688.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

446
Requests

88 %
HTTPS

37 %
IPv6

44
Domains

60
Subdomains

47
IPs

9
Countries

4855 kB
Transfer

11336 kB
Size

44
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.xyg688.com/ HTTP 301
    https://www.xyg688.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.xyg688.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.xyg688.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqiqrPAqhZanSDePftOUPtO6M4AOT_76hdcjczdDNEcrl4uiTDhABIPTKrpEBYJWCgICgB6AB6f31zwPIAQmoAwHIA8sEqgTLAU_QoirHQYVTZ8YM7uZjWCWoEttwmL6sns2DVYCmBEI4ylf8M0p9bxVyFMrRLwUS2JFyKx80a07z-Q1GyuLXXa6l8RgCAQorDn61bIYRguu9X0OvfY82ANUTah5Gt08WCfvZ8LJ4WqTyzcT4SWcItSg70RiD-PKPGcwpSZAL7wJFbUH0QLLQJFoApL7fKKv4BNiM8bucRxLxUegZnZqBUOe0xLrC_ia3QEFoxCEDUZydQZwiN1Qd6F57GQKUk0Yl_EXFCb-XljmIrVLlwAS5rfyHsASIBdaXwJ9MkgUECAQYAZIFBAgFGASgBi6AB4qaxJwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ-OII0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljYkbGzyNeDA5oJO2h0dHBzOi8vc2VhcmNoZmF2b3JpdGVzLm5ldC9pbmRleC5waHA_cmdpZD03MzYyNTMmc3ViPWdjbGlkgAoByAsBogwIKgYKBKy6sQLYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItOTQyNzA4MDQ2NzUxODY0MhgA&sigh=okwaVYrrkAI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_gkmGYSSwlbVIjgoRQKrU2bveWAeU1pYQMQTqUqeONS4Fofp5lZ-yrQodqGX593MBoqVQZIVlj9eo1ZTQI5i6wKh2OiyQfnq0vjwYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228568491598051406328%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213798836775748893681%22}&andc=true
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4kL6PAqhZYrnJ8K1tOUP4a2C6APV7ISXdYeaxPqNEtnZHhABIPTKrpEBYJWCgICgB6ABkO244wLIAQGpAqQf9hF0Gwo-qAMByAPLBKoEzAFP0D_RGstISn9P_0UDYbyuFfGQP7rR0KtTT6sIhQKuZjYfM6DU32-02CKFbIBEnRajG0NI31H7jg-uqEzZc-BwgQqz0OMqO20WCFh0t-xgQcxf_OgMr0Kahfpv73CWfXJvolYliOCcCe8c_LKKOXMgZHZqrV4adnYtRrtde6JhdQzZw1DyXXcY8mew-5EWMONmb1bu82U8QYHeqihDZX6VvyP0VB5n3ONB0a2B1zrl510IocCkmscqAXKHTbjMxz6QMf8pEEdqns4KvDbABKuiiovLBIgFrMv89U2SBQQIBBgBkgUECAUYBKAGLoAH2JLHnAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDvugTSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOjHy7PI14MDmgnIAWh0dHBzOi8vc3RvcmUuc3RlYW1wb3dlcmVkLmNvbS9hcHAvMjQyNjk2MC8_dXRtX3NvdXJjZT1nb29nbGVhZHdvcmRzX3dlYiZ1dG1fY2FtcGFpZ249SFFfU1dfREVfR0FfQlJfUEMtU1RFQU1fR0ROXzI0MDEwOSZ1dG1fbWVkaXVtPTI0MDEwOV9BbGxfQU9fQWxsX1NURUFNLWxhdW5jaF9ERSZ1dG1fY29udGVudD1BTExfSFFfU3RlYW1fTGF1bmNoaW5ngAoByAsBogwIKgYKBKy6sQLYEwqIFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItOTQyNzA4MDQ2NzUxODY0MhgA&sigh=Iy4E_C5lQqI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_rN4RYwpfv6MVcmE6Zc-tpocQ_wGwemre09V-FASW7jIYJs6hAEQOIbpeUHyMjtrH94y-j_WnWFbKOUsYWnQ3IGtD7Co2wSRRPX8YAQ&template_id=5021&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213265721682886992191%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2291079682376469329%22}&andc=true
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
Request Chain 110
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaEKPQ7OtRYd66fP7toyGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJqdhEMBWzxcuovd5N5XQPc&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqdhEMBWzxcuovd5N5XQPc%26google_cver%3D1
Request Chain 112
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzI3OTA1OTI4ODgxMDc3Mw%3D%3D
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZDSWJZJHWDQ2MyJpmRwzY&google_cver=1
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDKjvWqy8KZpV667ZKFFcY4&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJXdLW4loMi5C90htQbnmi0&google_cver=1
Request Chain 222
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 223
  • https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 224
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 225
  • https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 249
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965
Request Chain 251
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 256
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792
Request Chain 258
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 263
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248
Request Chain 265
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 274
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553
Request Chain 276
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 315
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022
Request Chain 322
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENThf3IEVcFPelBmnijUd5M&google_cver=1&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw&google_hm=Q0FFU0VOVGhmM0lFVmNGUGVsQm1uaWpVZDVN
Request Chain 323
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrbactn_x79MVK9pw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrbactn_x79MVK9pw
Request Chain 324
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5ErevxeEJ-TXkqGuZgnATp7BasfmMJkMWQ&google_gid=CAESEJdNwR0wiEyU0es_uEOv8EQ&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5ErevxeEJ-TXkqGuZgnATp7BasfmMJkMWQ&google_gid=CAESEJdNwR0wiEyU0es_uEOv8EQ&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTIwOTQ1MzUwMDAxMjIyMzgwNTc1Mw%3D%3D&google_push=AXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5ErevxeEJ-TXkqGuZgnATp7BasfmMJkMWQ
Request Chain 325
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8I8vtLrug1WcTWGy1Vwlk&google_cver=1&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1OTftH_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1OTftH_w&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
Request Chain 337
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1&google_push=AXcoOmRyH9OUHPNUX9phLPaQ2O2326WpR_CqkXest7SjbDRQntnqyou_SM-Apr1L9cvOoHeDPj7chshuQSrO-XSgkSOYKYh8Xy5JZeg3eraCuSA3daDAHaaG1CbhCNaKikWDFjxqw6TWIwE26WWmv9QUxWPmmb4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk0ODg1NDk3MDk0MzQ1NjUxNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1
Request Chain 339
  • https://um.simpli.fi/gp_match?google_gid=CAESEFvwlkR24EniGj-b-fzdi3A&google_cver=1&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrICECdUt5aiDKrnw_Q-T1XroK3OFqwrafLbqWae_ORQmg8mPsroIqVybIAph6kcUXdfzNbdig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrICECdUt5aiDKrnw_Q-T1XroK3OFqwrafLbqWae_ORQmg8mPsroIqVybIAph6kcUXdfzNbdig
Request Chain 341
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q2oxiH_ZU_GQj5rGfqNR0rWxz9FSWnSwfwni5BM9aGcbVO3Qg01dZNyUwD6ZNI1cntB0Lyw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ssHqfHHtQ04IL4tP-ZRuNQ&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q2oxiH_ZU_GQj5rGfqNR0rWxz9FSWnSwfwni5BM9aGcbVO3Qg01dZNyUwD6ZNI1cntB0Lyw
Request Chain 343
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vYNEjk_qcGthftmyHcBsLGzRTafK8QVtILBYki5GWgvAZM0pmCd4GsiL3EzZ_oOpP2QToFBN6ddal3PCs HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vYNEjk_qcGthftmyHcBsLGzRTafK8QVtILBYki5GWgvAZM0pmCd4GsiL3EzZ_oOpP2QToFBN6ddal3PCs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAwNzg2OTQ5NTc3MDA0NjE3Mg&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vYNEjk_qcGthftmyHcBsLGzRTafK8QVtILBYki5GWgvAZM0pmCd4GsiL3EzZ_oOpP2QToFBN6ddal3PCs
Request Chain 351
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMOTs5o-z2Cfmgx_KBAbQmY&google_cver=1&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9oSZT3NC4ipA8qMMcipMHWKn_Fdn1SE3jBlkxrCdCmcPls3DWQQQ-4Zn5XH7XB5EQoELxIIF5dCF1l3RuEL94aXreWb11qRUOW9I_5I HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9oSZT3NC4ipA8qMMcipMHWKn_Fdn1SE3jBlkxrCdCmcPls3DWQQQ-4Zn5XH7XB5EQoELxIIF5dCF1l3RuEL94aXreWb11qRUOW9I_5I&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
Request Chain 353
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Ufms1B_QfpCJOuTZp_RkGsrLbFLGwE6d_Ri9312bFAo_P6UzUyt_tXDhk6AsPzjSWIJHDMCrFqb9QgCdOLHbNW3CCogh-jO3_0IvI9yvkJ5cZ84VCk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Ufms1B_QfpCJOuTZp_RkGsrLbFLGwE6d_Ri9312bFAo_P6UzUyt_tXDhk6AsPzjSWIJHDMCrFqb9QgCdOLHbNW3CCogh-jO3_0IvI9yvkJ5cZ84VCk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0RzZWpuWUcxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Ufms1B_QfpCJOuTZp_RkGsrLbFLGwE6d_Ri9312bFAo_P6UzUyt_tXDhk6AsPzjSWIJHDMCrFqb9QgCdOLHbNW3CCogh-jO3_0IvI9yvkJ5cZ84VCk
Request Chain 354
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmSv_dgIq-ZPToMJTRc3EuhDjkPBjq2w-4cOoV_HotPW4oVs2Cli2HyYDSCGzKmu5MJ6p9uJsqQa-29GUcdipFhCuzdI1BaMQ2cc71D9bo2EKN4TpgB66koXu_QrjVpmSSLGsCKwmRAiF84d0i5Ah44i0Dc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmSv_dgIq-ZPToMJTRc3EuhDjkPBjq2w-4cOoV_HotPW4oVs2Cli2HyYDSCGzKmu5MJ6p9uJsqQa-29GUcdipFhCuzdI1BaMQ2cc71D9bo2EKN4TpgB66koXu_QrjVpmSSLGsCKwmRAiF84d0i5Ah44i0Dc
Request Chain 355
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9nmcWBUJSqxqTLJTdGvqlM6B0iOTaYoqqXAJ3YanVfXBzr_9bZvbeUQgRjuAbL3mb_07JWDus HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9nmcWBUJSqxqTLJTdGvqlM6B0iOTaYoqqXAJ3YanVfXBzr_9bZvbeUQgRjuAbL3mb_07JWDus
Request Chain 356
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7XC5k4lkOVUABmEGIEFDBLSpo079bQ3HqErtJt5RpeU_DStrG4jS4u5NFIaXhc0NKZ4eBXOKlukosOSaz0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7XC5k4lkOVUABmEGIEFDBLSpo079bQ3HqErtJt5RpeU_DStrG4jS4u5NFIaXhc0NKZ4eBXOKlukosOSaz0
Request Chain 357
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsAAGc7JR1ITOc&google_cver=1&google_push=AXcoOmSO_odGm_iLIxbvtEeLJfRVL-bn64Y4Can2r81VntipqNjLQUlMBMPWisRm0Eo_smRr2WTiQjsWlk00PwminRHJ4Gzq-3DqdEaMqxANkTbPRH5JbhOq0FmsmjtOjVedMWnE2TMZdoErqhc0Jd5lscWrvb8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSO_odGm_iLIxbvtEeLJfRVL-bn64Y4Can2r81VntipqNjLQUlMBMPWisRm0Eo_smRr2WTiQjsWlk00PwminRHJ4Gzq-3DqdEaMqxANkTbPRH5JbhOq0FmsmjtOjVedMWnE2TMZdoErqhc0Jd5lscWrvb8 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 365
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5WO8IDSY9RuivNlWo64aYDNEPXCZtYTObwDNXAiftqlpPQP81oEZWY9Tg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5WO8IDSY9RuivNlWo64aYDNEPXCZtYTObwDNXAiftqlpPQP81oEZWY9Tg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5WO8IDSY9RuivNlWo64aYDNEPXCZtYTObwDNXAiftqlpPQP81oEZWY9Tg
Request Chain 366
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 367
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQxWSYQLvbUu46i1MssfnN63N2XvTl10ubJh2umdhdZeWcCsxakqCHoaK1ZzOPNkrWMwzczlXweewitAiYno1hVQRvb-P-Ip60q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmQxWSYQLvbUu46i1MssfnN63N2XvTl10ubJh2umdhdZeWcCsxakqCHoaK1ZzOPNkrWMwzczlXweewitAiYno1hVQRvb-P-Ip60q
Request Chain 368
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8I8vtLrug1WcTWGy1Vwlk&google_cver=1&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0xZ7C9DiSe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0xZ7C9DiSe&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
Request Chain 370
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAWoygpstsFcGofJDnjlIbI&google_cver=1&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6jz4o2olhK9NCIaA5USqf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6jz4o2olhK9NCIaA5USqf
Request Chain 371
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEG973aGDucAw8BcBa-PWWsg&google_cver=1&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8sY95MbFUz3wCgiIlVHEZfgZtw463YOohlBHELt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8sY95MbFUz3wCgiIlVHEZfgZtw463YOohlBHELt&google_hm=uJTaA7UKRUyDm-d1ZKTwO_Q
Request Chain 373
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443
Request Chain 392
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMOTs5o-z2Cfmgx_KBAbQmY&google_cver=1&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--JhFnjnftDOhP0XUPnsL0rRQAYlQZMfsMoaGrt4qf6QZbIo0ovScaACpnAnr8evT1XejO_XSDEEoK2uXOMg_IipV-4Kv7H1wXYsfzmc HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--JhFnjnftDOhP0XUPnsL0rRQAYlQZMfsMoaGrt4qf6QZbIo0ovScaACpnAnr8evT1XejO_XSDEEoK2uXOMg_IipV-4Kv7H1wXYsfzmc&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
Request Chain 394
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT0E6o7QBN6qSiQliUuSweBwC72BzdwFrRyulzhRIZz9neGrIsKUVnADfIrY_iVSADg6rPB94hv3P8srvbdX5PxeUZRymY0lFiFZbhrTcA4pThGKb-Q48nQH5XtWTGi8-z2z-io6EBLcneqTvdB_iXFOSY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT0E6o7QBN6qSiQliUuSweBwC72BzdwFrRyulzhRIZz9neGrIsKUVnADfIrY_iVSADg6rPB94hv3P8srvbdX5PxeUZRymY0lFiFZbhrTcA4pThGKb-Q48nQH5XtWTGi8-z2z-io6EBLcneqTvdB_iXFOSY
Request Chain 395
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQ05iKzzKVHD01I2c6k7x9gufYBr1t8f7oTTH7sRpZY-pXWi9VxpeB3yyL-MQBHgii5rfpl0ge4tpNwRLGDAvgiAhFl1nA2AUo1osS3oTOMYPkQfI1lm18fccK392T2Nq-qsmxRvwcnNGsqzEkDpFG7Xw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFFS1B3QU43aEo4UkFCSA==&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQ05iKzzKVHD01I2c6k7x9gufYBr1t8f7oTTH7sRpZY-pXWi9VxpeB3yyL-MQBHgii5rfpl0ge4tpNwRLGDAvgiAhFl1nA2AUo1osS3oTOMYPkQfI1lm18fccK392T2Nq-qsmxRvwcnNGsqzEkDpFG7Xw
Request Chain 397
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s90lWpmhRQnK1YMRrowIyg3NHEQ1dNQjYlWCtxNqU4EgYfniIoSvNWjcDXnCQjTjorEqwugNoocrAt-PGo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s90lWpmhRQnK1YMRrowIyg3NHEQ1dNQjYlWCtxNqU4EgYfniIoSvNWjcDXnCQjTjorEqwugNoocrAt-PGo
Request Chain 398
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsAAGc7JR1ITOc&google_cver=1&google_push=AXcoOmRAeKZXlgRjuuGiTTyggvwxRpWsgSA5OvuQ6iqB_0k-k5K45y9Buy40Cm4necNlhwEZ0VHRHXvd7u3iuy7wDjYtWgtJEC8wZcylrurVqaUwHPNnLJFfvcThubrN-q0xhKTtLslj4uFubVON4lf7s5F21ujm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRAeKZXlgRjuuGiTTyggvwxRpWsgSA5OvuQ6iqB_0k-k5K45y9Buy40Cm4necNlhwEZ0VHRHXvd7u3iuy7wDjYtWgtJEC8wZcylrurVqaUwHPNnLJFfvcThubrN-q0xhKTtLslj4uFubVON4lf7s5F21ujm HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 415
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmRCmTW3ZuGKx6_7Nhafvc_Ejs-wPbRBHoLBHZvxO27QHDrvHoH_JTf5fl0Z8z09x1yVP3TlYJXQHElm4Ssk7xhjkj3qcf0zq-iKhtcX9poYGPe-ml95GxUlTh4UVvQ8D8OXDvQCMRoozi-6-82m6fTstGc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmRCmTW3ZuGKx6_7Nhafvc_Ejs-wPbRBHoLBHZvxO27QHDrvHoH_JTf5fl0Z8z09x1yVP3TlYJXQHElm4Ssk7xhjkj3qcf0zq-iKhtcX9poYGPe-ml95GxUlTh4UVvQ8D8OXDvQCMRoozi-6-82m6fTstGc
Request Chain 417
  • https://um.simpli.fi/gp_match?google_gid=CAESEFvwlkR24EniGj-b-fzdi3A&google_cver=1&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPYS9rjx05jaJchvtF1AFulEOUO5PiX58Moa0aKDj8ORFalyK4G-NXy1s6o5AnDglmTCsaG9zM0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPYS9rjx05jaJchvtF1AFulEOUO5PiX58Moa0aKDj8ORFalyK4G-NXy1s6o5AnDglmTCsaG9zM0
Request Chain 419
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAWoygpstsFcGofJDnjlIbI&google_cver=1&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoDzSrApZc5msuCnM3poUW-qRQmN3ZG8hMfLnZ5VnKsZ1s8NlhmjSG4ErRca-f9LB5sI_XaonY6QA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoDzSrApZc5msuCnM3poUW-qRQmN3ZG8hMfLnZ5VnKsZ1s8NlhmjSG4ErRca-f9LB5sI_XaonY6QA
Request Chain 420
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsAAGc7JR1ITOc&google_cver=1&google_push=AXcoOmSDs1QfzRl2Mu2NeVaVQxUXajH8FEJinXi7JTmoDUxA-4Q-Xrh6dpE0mMIFbq6Bz3NJYYGjgPsUinDfnvSLpq8uyPZMqkxijsBjEO45-uVEfitCu2mE69EiigsDjHp9eYHjzfK1ofEVlIGCs76SD71Ub2mB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSDs1QfzRl2Mu2NeVaVQxUXajH8FEJinXi7JTmoDUxA-4Q-Xrh6dpE0mMIFbq6Bz3NJYYGjgPsUinDfnvSLpq8uyPZMqkxijsBjEO45-uVEfitCu2mE69EiigsDjHp9eYHjzfK1ofEVlIGCs76SD71Ub2mB HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

446 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xyg688.com/
Redirect Chain
  • http://www.xyg688.com/
  • https://www.xyg688.com/
164 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88868e4ce402e20c0571112a33163d24493367809d35e1232a82ff6fe1eeb1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
84447783fbd0b6fa-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 09:45:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwzeAATF37PnCUfSl6w%2BMTMNYyV5ug2Lir1TokU%2BFndGp79NP%2F1Gpbm6ST9%2B5HabM%2BlPJk0ly4wONg00FJrhJe6U7qVDO%2BTU4p5o%2BGK7LRq8IGCvcV3Rtc2sEG1gYB8EQYBpdoW%2BcmZZEmzs2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

CF-RAY
844477829e0e6fc3-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 12 Jan 2024 09:45:28 GMT
Expires
Fri, 12 Jan 2024 10:45:28 GMT
Location
https://www.xyg688.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7ygYnjFfn3jYN6XKsVGhiLQb%2B1%2FN9YvSeeJ2U1vl03EDX4t7wQzloWD1hSJyipJcZKJHn%2BTPWhDOYDyfyP%2FcshF72olOGdHGOiX3HkK5hAoWWKvKhItF5PaBjS%2Bnn0R3pwpfkRCn7YpZg8czQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
classic-themes.min.css
www.xyg688.com/wp-includes/css/ 		217 B
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Dec 2022 01:29:28 GMT
server
cloudflare
etag
W/"63aced78-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb5bjKDp1FMEVFNAabtUl4wJX521Qi%2FQqM2DmWrgFPa97nEtH2I%2FmxZcAR90xnpT8fSk11GeKKa45UO%2BzXAuSyS%2BVSD8yfc9cnir1A48g3XeDw0z4za0CDPEfh2azR6Jc7c%2Bj6xjMUxXVJ1LDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a04b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
font-awesome.min.css
www.xyg688.com/wp-content/plugins/cyclone-widget//icons/font-awesome/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//icons/font-awesome/css/font-awesome.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-685b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdcDqUj%2BZ%2BEWtZLLmhUQMTPx58jNgcaF6Azq1TifZHR4NJZXRiKRNd1pzMGKiQdky%2FI3AGmhcGHLmZ379z5qPaL8FKQuIjK%2FrzIin5Ll7hT4IvCuXTQZZHivqNTUL3PWHoXw5xbrNVxjsW3uZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a06b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
style.css
www.xyg688.com/wp-content/plugins/cyclone-widget//css/ 		2 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//css/style.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c5174cc7381bea3d6db3e52da91b442f2f876fd9a949766b7c4e067577609f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
cf-polished
origSize=2277
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-8e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ij0wAFaNoxVFDZeT7XrKY8W3kDV1mypLzgVW5uJT8sPyUC%2FAilIFUThxPDXj52%2F%2BNcMz6BCmFhsCsFTqK3gLsnzX07ZX1LoN8q7JBB99INrtzEBgS3DSK4J5DGAT6e1dvBcUwJLTk1DGxCuKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a07b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
style.css
www.xyg688.com/wp-content/plugins/dw-reactions/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/dw-reactions/assets/css/style.css?ver=120004042016
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a570abf89ea7889beac4f6a05238423ce8ebc584502a519b9a342c7b8a5dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264309
cf-polished
origSize=5263
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 11:44:22 GMT
server
cloudflare
etag
W/"65438b96-148f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VsJa0nkO%2FIiuAS20PsqzdgwuiUMgc4s2wUZX5jiaGnCXyrQOCjZs3jNR7naAD7H%2FC8TxFbgjZWFTNEwi6MtHy%2BXTB0iIEh8etLF8iDp6dNKPLzwRj9HBSwkZpDa3x5hCRgous8OIwlqMHkAOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a09b6fa-AMS
expires
Thu, 08 Feb 2024 08:20:21 GMT
flowplayer.css
www.xyg688.com/wp-content/plugins/fv-wordpress-flowplayer/css/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/fv-wordpress-flowplayer/css/flowplayer.css?ver=7.5.41.7212
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd8f7ecc22735bde8e48719bc8d46057c2ba7d66accf2457be2b3c62bbd5d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=107097
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 21 Oct 2023 12:55:12 GMT
server
cloudflare
etag
W/"6533ca30-1a259"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vgunzL3Hm%2FEq%2FK9vMCd5qPXJCrFyJOowgzf0Ebc%2FFQWb451l2%2F1hepEyplULmq3dj0w%2B1ry8DvhAzdPASqYQDRGqdns1ChEdCdlGhkn8lCWlpE%2F5R%2F4mbuWGeauyk1YGiSUc0PoFOmpmLKpEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a0bb6fa-AMS
expires
Sun, 11 Feb 2024 09:45:30 GMT
sfwppa-style.css
www.xyg688.com/wp-content/plugins/styles-for-wp-pagenavi-addon/assets/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/styles-for-wp-pagenavi-addon/assets/css/sfwppa-style.css?ver=1.2.1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa97ee9dfd5727f8e9727e4c154b4a4f36cbc489c10a998bd9903136c709096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264309
cf-polished
origSize=7255
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 27 Mar 2022 07:54:24 GMT
server
cloudflare
etag
W/"62401830-1c57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gnb%2B00QjvIafX0ZN2knQdsVZ7AtbAZJQhszXnnZhs62lD6NVo1xENo6whdzWVIsiS%2BW3rhQK0UjvMYz3BYIijWUPpJrmKKJQ05xasNKHasCV4MUulAg2QbXKmBcVU8LH56zOjsUOlfMwcp3tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a0cb6fa-AMS
expires
Thu, 08 Feb 2024 08:20:21 GMT
dashicons.min.css
www.xyg688.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/css/dashicons.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
264309
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
etag
W/"603ffca6-e688"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oij7DAqIoCpFOw43EUFekRPcCXuUVVz2U4pL2whBPJ1DxN%2B8Aij%2Bi0%2BNWj5WZtORFq24lT9T6QqEWPk3MFWdHcm91TYhKleQjRdFdxIAzLlzhPiqcC%2FUFzYxHb4jaUs8R9VVcs0lVRA4o5w%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a0eb6fa-AMS
expires
Thu, 08 Feb 2024 08:20:21 GMT
to-top-public.css
www.xyg688.com/wp-content/plugins/to-top/public/css/ 		525 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/to-top/public/css/to-top-public.css?ver=2.5.3
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b875fe8868c894f20a8c48777195b88c764af61be864a9ea7709f2bfd24192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
cf-polished
origSize=978
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 08:29:22 GMT
server
cloudflare
etag
W/"655dbbe2-3d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zslrUgrDpDobZ0p8REPtXR4sFDRj%2BcdxICc2y7UFUgC4yY1WuzSwtycJ%2BKn3c%2B6hKXaO%2B16bM6yZGcyZoSgJM1yuOe7jM1R4KbIu4NBT895e5pettisr70NTXpfDLo8MlBgy3NjNncPe3he5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a0fb6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
main.min.css
www.xyg688.com/wp-content/themes/hueman/assets/front/css/ 		92 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16a00c35650ee5b15c15837700aaf8a1455bf18b2f579770174dd8d7531a21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 06:58:42 GMT
server
cloudflare
etag
W/"63a15d22-17095"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHlkEMs0Pc46j%2FbsNNojcbntJlISr0ndPtC68cVC3osV7FwXHKYy3brD%2BO4czKjC7S%2FLoV1%2BFRAAtHdXn7IHsFXfjjQalDVAa%2BmUAnccqVLbvl4yCdGKBkfg6RrE4sDoHbhnM%2B%2B0H8lYzDZC7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a11b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
font-awesome.min.css
www.xyg688.com/wp-content/themes/hueman/assets/front/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532686
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-e877"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyCpTriLwg1BOG6XU3YwnLES523PBohgs71fddSAqgGsYfcM0DrrxPEZ1rsNRb%2FWZnRsKYY%2FIDUuUIn1eGgAZMLaGL5yLWZtbtBaLbWMJlYjh54tU9Hjq3CPGVvAxaIWIs2ji3Nt4w34nYXxAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e1a12b6fa-AMS
expires
Mon, 05 Feb 2024 05:47:24 GMT
social.css
www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css?ver=1.3.0
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7254383b0cd09cf6c2c20161853d808329e0e70a54c74e84db51ef06439edbb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
cf-polished
origSize=9916
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 16 Dec 2021 07:37:42 GMT
server
cloudflare
etag
W/"61baecc6-26bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMjC94oEVwNt%2F7jlSDf7tc3YlGAmMCYYxqR194hEcsgoV0AnMlxRYb%2FXbR%2FJSZbX2bhoDjW5cq3Z7YWWOkgmXZg2FBZdUEeGsUZrqDCH9RVSV%2BNiV6pQ%2Fu%2BRSop1hJ6I4V%2FhcuA9adeBsCFnTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e2a2ab6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
jquery.min.js
www.xyg688.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Dec 2022 01:29:27 GMT
server
cloudflare
etag
W/"63aced77-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCQmZOVoZYu7b2cW7wVTRjC8NS167XIPx%2BbtpB%2Fr6DPA%2F7k%2FOT5DNUy6D63SNMgGPldhLvrpVx3o9PipYRxJZ1Jf%2BDoKjwmrD6hrxwk2Mtu0xmJxdv2V1PlLPGW27JBFwWFwQV8VVkaTXsFR%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e2a2db6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
jquery-migrate.min.js
www.xyg688.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
262127
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1quW8UjfvyYwsAdnCNmpO0QhYFB7Xa8PrjD%2BuV0GGibAffQHvNv3KZtVylxjvKhGxA%2BRbQTmgeipb%2FUzv2uqe0l0wdheJayGqBbQNxlokd5G8y1ykRXwsw3HfHPl6lE5ZtcZN0JpITM1xy0uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e2a2eb6fa-AMS
expires
Thu, 08 Feb 2024 08:56:42 GMT
custom.js
www.xyg688.com/wp-content/plugins/cyclone-widget//js/ 		786 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//js/custom.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1964642d3f3e61948a3e10351d3c73caa966cea7df8629d92b777408d8ab60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
cf-polished
origSize=902
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-386"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jaQDhuPKh70WJCLFP6PbxzI%2BiIXR4jEHcE13vW1uvmkT2PM9hJBqfXZ54RQ0tekRq6hxYiAnlapW4YgvmAx4OFgvTfzidxZCTbuw3FyjyFbpeTmAs9EONgF0EkY1nDUPrcVXh5N%2Ba01Y8AtPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e2a31b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
script.js
www.xyg688.com/wp-content/plugins/dw-reactions/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/dw-reactions/assets/js/script.js?ver=120004042016
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8b2bc413082260c40f04fe30ee6c3e7213815e59321457843fc7e245e8b37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
946750
cf-polished
origSize=2943
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 11:44:08 GMT
server
cloudflare
etag
W/"65438b88-b7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSjcEVHL3sDV2QkCITT%2B8Ct8TXIcMYaI58PrgAZ6kpqKA7%2F%2F%2BRi3btfGfVK6r69A%2FR5a0ZOPiGLfggKEFRD5InoexCZMaPaabCMxjq6sdl6i3cBLg5kbrDTbN5sYkqqPoP5YJf2DxFNCUgs6jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e2a32b6fa-AMS
expires
Wed, 31 Jan 2024 10:46:20 GMT
to-top-public.js
www.xyg688.com/wp-content/plugins/to-top/public/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.3
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95e4e7e4a9323ad15b663323ab9347b3efd037be4e5da4385bc440f63daa9dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165743
cf-polished
origSize=2318
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 22 Nov 2023 08:29:22 GMT
server
cloudflare
etag
W/"655dbbe2-90e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j12KdsE9yX6IfH6iYuJmuhLgGbg6w15Ns7ZgN8qmO5JIBLs8pz8P0Ok9dqrjN%2BXvvnSAX%2BOulaD7GkusSyg2hTYha0yH2kiyGCXdy3ZMoBkRdTnPT21DWBqo4zqbj%2B%2FIDzgFwmpkgbc8BL7XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
844477904b7f3625-FRA
expires
Fri, 09 Feb 2024 11:43:07 GMT
mobile-detect.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/mobile-detect.min.js?ver=3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165743
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-9820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFI7aoLJbNDM1c9wriD0Yk8EQpMqPOYZV9ncDsNVUssPROF6YdS4Gou54dcfveIhr%2Fi9idG9imAg3D%2BI5XCtwivjfBWzmtXx4h2gD%2BaXDANfaWIoAi%2FSv78KPCVakOWgWh7FlXDqUQFBdfrBdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
844477906bb63625-FRA
expires
Fri, 09 Feb 2024 11:43:07 GMT
jquery.flexslider.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/jquery.flexslider.min.js?ver=3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
501f611306d68d8af2978e88b9dbb98afc052add852592930f3a7755e66ae22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74141
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-5a3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMut8wiHa1XuqCaTkjVmQJBTfgEhtDEci9m1so%2BhWwVpTsNpUvbm7DtfyZ1CDotqL9uuRKKmTkK%2BNQ5p9k2JN9OpuP8Vn4gXnwfMQ4cKG7g7rMp9fLu4pHXW8StQgTccrcsbiKg%2FUPwj%2FA6g6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
84447790cc3b3625-FRA
expires
Sat, 10 Feb 2024 13:09:50 GMT
fa-brands-400.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56342
alt-svc
h3=":443"; ma=86400
content-length
78472
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
"63a0ff37-13288"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwpbGYpKUZpGlPBmR1wEBlIe58ah8ldUY%2BZldCRAUzBB8ZOSl5SuSlza9yTb4Txxa5pFTrzay405x8xihRwWWq49ebZmew1bf48AXWSEsZmqcqOgfeMDoiCogQGDzeORgr3zx5d4TdHzkvTN%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8444778e2a33b6fa-AMS
fa-regular-400.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56342
alt-svc
h3=":443"; ma=86400
content-length
13588
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
"63a0ff37-3514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dtn8ABrl9KOA%2FYfRhypt4yJ7%2B5RP6eWDHwAXgJWm%2FhWpUoIz9T8C9k3LMxmdmAA%2FCegtFvlkDRd577Y1tESgEeId4CGYaHDtR63sxXNNwbrs6b6OGesNGkwJEYdXDiUmdgj2%2FPUku36yTSRVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8444778e2a34b6fa-AMS
fa-solid-900.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56342
alt-svc
h3=":443"; ma=86400
content-length
80252
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
"63a0ff37-1397c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j%2Brt%2Fgh18YbR%2B93toXNdIYO7rJ6ShOGJ6yBNzH4citabLYB0QCPMI4Um5YcHXJeV2RUsFPxrN6f1VOd25bJeoEMhY5OTFq1kExAnpS6T3cV6ySxc%2B%2F6GDDZE%2BQ0s9Tv6iOewDQ2IWjlvxDyBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8444778e2a36b6fa-AMS
jquery.fancybox.min.css
www.xyg688.com/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/css/jquery.fancybox.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47575
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 22 Oct 2023 00:45:39 GMT
server
cloudflare
etag
W/"653470b3-31fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX%2B3jY2Ag%2B8Icia61FSjAmraO4QUKYQ%2FOrQHYdl6FN89dftvpVo5Ah1L2CQ0ksEAhRFgqEkusRhX595HvzYGGbMUcYH9HXrXyrwPSybwFB5ua1DOr1iC0vE76gL4CFzR%2B4l3f%2Fe0TCUFmHtd7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
8444778e2a2cb6fa-AMS
expires
Sat, 10 Feb 2024 20:32:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69d9d426f71a1afc758e7b05866cc90c604800b724bf8207be86bde8f3282582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51826
x-xss-protection
0
server
cafe
etag
778679642674111105
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:31 GMT
email-decode.min.js
www.xyg688.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Bx3F1YVFR0xzpQMqrZe48e7jRkbY9ChhZnASma0OzJkJrcGpo3u6iefp0yny5RS1uIkhmkrNS7ycsaV5OB8j7BaFQCrL2SlpEUb3TmPWFVlttisDpOJrrUFoZT%2FQaNXXN41UTu1DznN5P%2BATA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8444778e79963625-FRA
expires
Sun, 14 Jan 2024 09:45:30 GMT
instagram.min.js
www.xyg688.com/wp-content/plugins/cyclone-widget//js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//js/instagram.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc75d60bdc48129ec2e7cdbf2d0feb6fbb4b2b018bb26ea3b44f7ba51c45cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165745
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-87f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AONnAYLuusfq1%2BwMX4d%2BQJPgd3QK47fA3bQnMZRtYP4QHQNtpBgw4VJXiQRhSGro05aPIAwvsv%2BOFYZJKR7t6MRwkTB4i8EnX7oIa5boQaGov1PB3uwwL9s%2F0oxa4udM7mdDF3mDt491Bqw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e79973625-FRA
expires
Fri, 09 Feb 2024 11:43:05 GMT
underscore.min.js
www.xyg688.com/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165745
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 29 Dec 2022 01:29:27 GMT
server
cloudflare
etag
W/"63aced77-4991"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki%2FhtIuWcIAYbWVGZIh0wzPyATSRigu2UEHrr4fp4fNfkrYeZQVIFqe%2BH8jq%2FW%2FwRiv68P0ASqp2mmWpj33NQnHQwKuCETl346or4EGymLwVoyYVNR3qy2htIFqBBb%2BgUZhOfc9FU7ubzy6VtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e79993625-FRA
expires
Fri, 09 Feb 2024 11:43:05 GMT
hu-init.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/ 		641 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js?ver=3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186086
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FZQAnvvo8icL9789jOLB8Z7WyvWNKPpaQcoAkGIDCQLRL2bX6swjZV6NeYkGG91O2yvEb%2BSDXyjgMTSbhhHXKzmXIUQGHZHPzHPcdnr%2FpT9zMPBYIPVCmmzWwRibiCZ0MQoua2Lagd7kblasw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444778e799a3625-FRA
expires
Fri, 09 Feb 2024 06:04:04 GMT
jquery.fancybox.min.js
gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2427904
x-jsd-version
3.5.7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220023-FRA, cache-lga21978-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHg0Z%2BAKumOCtOadilgq3gJa3ESSVjky4Rw%2Fq5kb9DPY3Sn%2FrHR5M4fwal3ub5cukrCjJE19TjV1E8jm8ghZOA5zS1lWA9ma1hF7Gy23jP6Q6kj5IzSLbYJbrTiaeBfhhfxpezZuJx%2FL%2FHMjvazuAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
844477901f360487-FRA
truncated
/ 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
46738da259e1db3b86bdab9f46b4bed1
cravatar.cn/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/46738da259e1db3b86bdab9f46b4bed1?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
Cravatar-Web /
Resource Hash
1f6d697bbbb757645bb9c172ec2915925061a4cc057ac27e84f3eb6a9762545a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
x-cache-status
HIT
avatar-from
default
last-modified
Tue, 27 Sep 2022 05:40:27 GMT
server
Cravatar-Web
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length, Content-Range
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
fe8c83267f32f234f83fcf5e1caece51
cravatar.cn/avatar/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/fe8c83267f32f234f83fcf5e1caece51?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
Cravatar-Web /
Resource Hash
cd0fad06f612106228cf29d86b539e603388fb5805d83209a4566f515fbf58d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
x-cache-status
HIT
avatar-from
default
last-modified
Tue, 27 Sep 2022 07:08:33 GMT
server
Cravatar-Web
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length, Content-Range
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
eb05bdd068f0f88cd4c070f070606623
cravatar.cn/avatar/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/eb05bdd068f0f88cd4c070f070606623?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
Cravatar-Web /
Resource Hash
7650045c0c9f52acb0ec523b5579f8bf1d054b61e91bc30583ac28cb1ee788c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
x-cache-status
HIT
avatar-from
qq
last-modified
Thu, 04 Jan 2024 22:32:09 GMT
server
Cravatar-Web
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length, Content-Range
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
e43181ada47bae276bd4a332489c6718
cravatar.cn/avatar/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/e43181ada47bae276bd4a332489c6718?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
Cravatar-Web /
Resource Hash
e86b9c79c9f4e505df7d280321deff6c603f857a60d4629993affa654831c8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
x-cache-status
HIT
avatar-from
qq
last-modified
Fri, 12 Jan 2024 09:24:29 GMT
server
Cravatar-Web
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length, Content-Range
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
7bf3e0f9cf1406055940e2a4ed7b7532
cravatar.cn/avatar/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/7bf3e0f9cf1406055940e2a4ed7b7532?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.211.7 , France, ASN16276 (OVH, FR),
Reverse DNS
ip7.ip-54-36-211.eu
Software
Cravatar-Web /
Resource Hash
d6ed2ea4fd92450af0c440b87d820ec57621756a96221ab3e0342172a59d4a5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
x-cache-status
HIT
avatar-from
default
last-modified
Tue, 27 Sep 2022 07:35:54 GMT
server
Cravatar-Web
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
Content-Length, Content-Range
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
wx.jpg
www.xyg688.com/wp-content/uploads/2021/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/uploads/2021/12/wx.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78efc63f5080b21ed89c35bfbcf97382a59149aae1fadaf5e349312de5e93db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165743
alt-svc
h3=":443"; ma=86400
content-length
20004
last-modified
Mon, 20 Dec 2021 06:07:54 GMT
server
cloudflare
etag
"61c01dba-4e24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJUozBhF5JRr2qas4dpwai24a3bi%2BPwU0Dq7EI9yFNHqPv0XE4KViH7vqRW1ntTm1QG9rk5xm3FMnAlPke9cfa9NsohhQyi4cHtOuo1PLlfNNEgu%2BDiM94dPx%2Be8niPGggQm2AxjH7KOBEkl9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
84447795089b3625-FRA
expires
Fri, 09 Feb 2024 11:43:08 GMT
zfb.jpg
www.xyg688.com/wp-content/uploads/2021/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/uploads/2021/12/zfb.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60964ee353be12e47c742b5d244e3b3527ea1e6427c33715a63886244eda5fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165743
alt-svc
h3=":443"; ma=86400
content-length
22176
last-modified
Mon, 20 Dec 2021 06:07:56 GMT
server
cloudflare
etag
"61c01dbc-56a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnZmVFOOpy7kvhpG9pLdOPkfkNFXnmwIG0yzvOfeOGGBAdtWNNak1pwBI5zh%2Bcdf31Zaebp%2F6qd48%2FGjR9x%2BeljyH7eN6dF6tKi1mTLmcvIHMih5eUePJjo1h8GjlpOOJwuLdr%2B95agZszny9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
84447795089d3625-FRA
expires
Fri, 09 Feb 2024 11:43:08 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0681713c57c066eecc6cfb720699ed819f6c1d79ed9a383e5f93b710dfa74572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139392
x-xss-protection
0
server
cafe
etag
444500042934124313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:31 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame E91C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:39:14 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 01:39:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
www.xyg688.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 59A9
Redirect Chain
  • https://www.xyg688.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.xyg688.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3490e51d7d3e5bb13d5f73df0cfb3aefac5ba7eacfda6c9319555d0b52ba8d6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfot%2FVpZGfm3LP7bQHO6w81Ud5FPstijKwkPg4bqvIvWUcb7aGpbftHOtxRYiUyZ%2BbPou5GGRpebiV6GdwGngdVDeqQEjbN201neyZs%2BgKCx6y4TPPQCZifhpUDXwtWDbiCpb4u2jVbc%2Bgf%2BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
844477979ba93625-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Jan 2024 09:45:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqC8iUkIQhwdNsjnShdkVLCENMMIas3tBI9SGxYGwCkQbHTW5N3VzMAA1m%2BDDpsNFcXA1YjoUeAa%2FwenAmayHbX24ikxNvTsljIgBiX2rxWjTxFwMfe7VZxP1ouLEfz%2BJx%2FL%2FqRtzh56KLPcmg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8444779639dc3625-FRA
alt-svc
h3=":443"; ma=86400
scripts.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js?ver=3.7.23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:31 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181840
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-1295c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWDVZbwjgcz%2BMCQ2i78HWWhvsHt0wZbBf8e%2BKSxauGcKIvq7maKrpceES%2FkPGu8U5A0a%2F4wV81kM%2BGFnTSDWLE1S%2FHYzt6q%2F%2FFUR1sacc%2BO87DeiwUL1NAjTv2VeuHHVICW8GpBXd45EFTsR%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8444779639ed3625-FRA
expires
Fri, 09 Feb 2024 07:14:51 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2D4E 		332 KB
88 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&adk=1812271804&adf=3025194257&lmt=1705052732&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731748&bpp=31&bdt=1213&idt=237&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7409356389534&frm=20&pv=2&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff5dc2fa65d7f32ff8d59fa8520cc19506911ac4d6e44620d492170efefc3df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
90250
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
expires
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F050 		132 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
186df18d9f9de53fb564ef33c3d5e6c1eed1c9242726f42c452ce9f29e34e938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43597
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:32 GMT
expires
Fri, 12 Jan 2024 09:45:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
images.weserv.nl/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1553000%2Fheader.jpg%3Ft%3D1704963839
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c52c6dba416fc5f4c850bfa1a6896e5715544aae50ee30a213a16d9873e2310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3998
x-cache-status
MISS
x-upstream-response-length
28103
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
18958
last-modified
Fri, 12 Jan 2024 07:44:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3OXKZGsnJ0FFUAW2CjTKAiqC8cGCYoAR33NXLiGmfuLFbMn84c4mH4hh0qzTL15aUCKSNA%2BD0UdQ4SeefuGHiQgQlAEkOoDNbKHN%2BAom0vlakFjMvH%2Fj3GkC%2BRZIFNZRhsSypjqgFOtZfXI6yTa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1553000/header.jpg?t=1704963839>; rel="canonical"
cf-ray
84447799397366ae-AMS
expires
Sat, 11 Jan 2025 07:44:29 GMT
84447783fbd0b6fa
www.xyg688.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 59A9 		0
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/cdn-cgi/challenge-platform/h/b/jsd/r/84447783fbd0b6fa
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F94wNLF7Bd70bipELYPGJu6VSIlJU8em9TLL1MGhU%2BN2Q98RCPxh0Nbs74VDH9JsTwNNyK%2BL9zuf75%2BaC6jjS6Drn6lrw7zfz9E1gqmf1FJ8jqprKUGaMGSFzoYpPkF31Qa5ckVtOxQgowBmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8444779a1f143625-FRA
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 21A1 		131 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40efd6364ec7789d7fee95b555233f26822a9f0813fb4e22f738979834736bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42968
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:32 GMT
expires
Fri, 12 Jan 2024 09:45:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
images.weserv.nl/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F264710%2Fheader_schinese.jpg%3Ft%3D1642457299
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01afc38e153ce6b681fe866f60b7af037d4df296174ee6f5ff41fe9e7ef43e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16571
x-cache-status
MISS
x-upstream-response-length
48789
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
24927
last-modified
Wed, 10 Jan 2024 21:35:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSlErVUCLahn7%2FtCgG8jDtF4eYe8M3X93TG7o9I2B8MMGGXlS1c7V6%2FbpEiQ3kv5jbIhzULnLRBx2OOB0Mor%2FUNhLReIoXNCkv32g1%2BX%2BP%2F2wmSt8AvNNybw9caYAG3aLnMyozuWEVXgatIHMQUo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/264710/header_schinese.jpg?t=1642457299>; rel="canonical"
cf-ray
8444779b3bfd66ae-AMS
expires
Thu, 09 Jan 2025 21:35:00 GMT
/
images.weserv.nl/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1189490%2Fheader.jpg%3Ft%3D1643766246
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e239e5067665d36496de3e15f0b4c23f815cc182ec5f31672e32fbcf5d6a9649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192764
x-cache-status
MISS
x-upstream-response-length
29713
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
19073
last-modified
Wed, 03 Jan 2024 02:55:12 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsMvBoQq19ML%2Bfa%2BNWlO4dnYWklDeodW5gZgwzbX%2B5Xcg%2FQaOorwxhJgAe%2FnaJy2%2BqyxgxCOnD8Im%2BUQ0ypFJaXrsV%2Fm21WV%2BxAkRfeoHwx0WTZCGj9IijkhdlL%2BwWiLAo6pZNX7Mv1qtm8LXcYP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1189490/header.jpg?t=1643766246>; rel="canonical"
cf-ray
8444779b3c0066ae-AMS
expires
Thu, 02 Jan 2025 02:55:12 GMT
acAyWrPmzvEs2j9.jpg
s2.loli.net/2023/09/18/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.loli.net/2023/09/18/acAyWrPmzvEs2j9.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6954170aea7f7e9fb3eedae3a8e801f4f8dd842e1adc9d70fbd861a6777f3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13290
x-xss-protection
1; mode=block
last-modified
Mon, 18 Sep 2023 02:28:37 GMT
server
cloudflare
etag
"6507b5d5-33ea"
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jocFScHTja3EesWbwsKHnHksvCBFXmIvkhmSvqae8Fc3B0Axf3Ahz5dh9YeCqL5F0HFyo6xwg2w50H5aWA3WnvKyi%2Fkoib4Ghg1L%2BM1ZsLzFzO6Xo3GkT%2B9rhQWee1AaV37kzOfWrlBt"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8444779bdb201d8a-FRA
3tGp5HJ9K6vPWUB.jpg
s2.loli.net/2023/04/04/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.loli.net/2023/04/04/3tGp5HJ9K6vPWUB.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4b3a64e4faef066b02fff5b1f78e3a102b5cef317b4e9f8b1dd87365ba461ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
38902
x-xss-protection
1; mode=block
last-modified
Tue, 04 Apr 2023 07:12:13 GMT
server
cloudflare
etag
"642bcdcd-97f6"
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXrylmeK8%2FfYbgugJo0zHS%2FbRXSMNHe5V1SNyTMHdBkqBpjRXmzxS6ijZJZAOEG6JR8mIR%2ByDnrmJ8kO2UIHejUckEcyyYSoZVGc5c0NWKKmIrcHzArO%2Bog41ju6Yg%2FpwWYsLGJ%2Bh0ZF"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8444779bdb241d8a-FRA
/
images.weserv.nl/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F774171%2Fss_08637a7ac0fb40479d0ad69c78e49805641644e3.600x338.jpg%3Ft%3D1644560182
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7082836315cefa3c1471f6da30e0bf5ed88dc93a3672fb5b42dc77f762d0d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1278838
x-cache-status
MISS
x-upstream-response-length
122279
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
59403
last-modified
Thu, 28 Dec 2023 12:13:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBr68x6lZu0lQnID73ZPzPo5e%2FTgH%2F%2B93xGDqob5UWLed6mt0MKBJKbcsWlT0Z6tdTCkemqk1NmQ655tT6579R8t5o%2FmPlVTLxIwLlhOq4CIoEvG%2BHFkcMy8WJLvq94FADfClbA0K2d3Jl%2BJqKAr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/774171/ss_08637a7ac0fb40479d0ad69c78e49805641644e3.600x338.jpg?t=1644560182>; rel="canonical"
cf-ray
8444779b3c0466ae-AMS
expires
Fri, 27 Dec 2024 12:13:43 GMT
wemod.jpg
www.xyg688.com/wp-content/uploads/2022/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/uploads/2022/03/wemod.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a655c44f94deb4cae8b6d52c54a58a15d7b5767fbb5e203a6948017b8610c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2786
last-modified
Tue, 01 Mar 2022 12:00:14 GMT
server
cloudflare
etag
"621e0ace-ae2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO4MLbaD51P03bFDnUOpcLD2s7K%2Fs3ulny2i8InRq%2Bh3QcsTKfYRIng6MTTMsnmy6ae6yM9EzLf94F0PikpPKRJuovgtoRP2jwE2nRS29Gc1t8hlDV15NwL9L1pflRAyX6IXX0ggeGU%2B%2Fvovsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8444779b28a23625-FRA
expires
Sun, 11 Feb 2024 09:45:33 GMT
/
images.weserv.nl/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1158310%2Fheader.jpg%3Ft%3D1664522388
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37420177516ec4575ddc7abef31c7e45a405816cb927c64fc15efdd1c4357326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
602317
x-cache-status
MISS
x-upstream-response-length
39936
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
25079
last-modified
Mon, 01 Jan 2024 19:12:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecS0KADBVxaHp5w2SbPoRVRvkG%2FGwYjXebTvIXLe2%2Bmq3SlZ9kQ%2BJSUHSjkOFJR89RevcFVxlhrwAqxlkflZPlKYjw8neYLWUu%2Bux7BpMs4KAK%2Fx3RbN9JKToyaoeEyXSGD0jOy2kZRNcyZshWiU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1158310/header.jpg?t=1664522388>; rel="canonical"
cf-ray
8444779b3c0766ae-AMS
expires
Tue, 31 Dec 2024 19:12:01 GMT
/
images.weserv.nl/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1217060%2Fheader_schinese.jpg%3Ft%3D1645777339
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88dbb34ef629a93aeaf33a3771257f7d9e5f9eac9befa78621cef0d452cbf552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
359402
x-cache-status
MISS
x-upstream-response-length
55634
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
29994
last-modified
Wed, 03 Jan 2024 04:41:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEKT%2B9Rb9Kb1LdjKip%2BfhEY83%2FvShZDLcAwH6Uwy4DEeUz8eHfybd3nYBNzNCQ%2Bzx9BNkkGrOkW2ZHrOxWqFBhywvxX%2BGCHFkeragifiWeEw66berZqYPIXKeusnuCEGJocaJUdlvn0LEhw14NoP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1217060/header_schinese.jpg?t=1645777339>; rel="canonical"
cf-ray
8444779b3c0a66ae-AMS
expires
Thu, 02 Jan 2025 04:41:59 GMT
/
images.weserv.nl/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1963040%2Fheader_schinese.jpg%3Ft%3D1675132245
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3612d9b30c52e4422c5e2e3de1a71cd7981472a564e5cbe666299d5b47da03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
189683
x-cache-status
MISS
x-upstream-response-length
63668
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
34030
last-modified
Sat, 06 Jan 2024 03:02:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUctaU4wgVNZ6D1IO0cuwZgtFP93raL0NpvrkC2O2f71OC2NiETU6UgOUPTtYjDwDbcWaBnSr5LcHORtaAqJNnnjMu1dZ8wBI5R6sn%2BorEprtbSUKje7XUw2Adja%2FA%2FLwpEZOYXra7nfxxmhORg6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1963040/header_schinese.jpg?t=1675132245>; rel="canonical"
cf-ray
8444779b3c0d66ae-AMS
expires
Sun, 05 Jan 2025 03:02:35 GMT
css
fonts.googleapis.com/ Frame F050 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:29:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F050 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
56063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:11:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame F050 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
23128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:20:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F050 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F050 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F050 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:32 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame F050 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:53:38 GMT
13690561950667382579
tpc.googlesyndication.com/simgad/ Frame F050 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13690561950667382579?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb93faa1c58d38d934d8e342b9c363dbfe08c99ee77b0e3368579d24d69874a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 13:56:13 GMT
date
Tue, 09 Jan 2024 13:56:13 GMT
x-content-type-options
nosniff
age
244159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36232
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 21:28:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame F050 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F050 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F050 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89d04fcd2cbca4160ae55ef301374c6a116de2187695161dcc2243b02dcfda65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 21A1 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1394881b000e5c2bca37e77a30fe205f14f7566cb43df1f4e98a28a90a115f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:24:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 21A1 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
56064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:11:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 21A1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
23129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:20:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 21A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 21A1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 21A1 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 21A1 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:53:38 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F050 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 00:19:37 GMT
x-content-type-options
nosniff
age
293156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 00:19:37 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F050
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CqiqrPAqhZanSDePftOUPtO6M4AOT_76hdcjczdDNEcrl4uiTDhABIPTKrpEBYJWCgICgB6AB6f31zwPIAQmoAwHIA8sEqgTLAU_QoirHQYVTZ8YM7uZjWCWoEttwmL6sns2DVYCmBEI4ylf...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228568491598051406328%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_wind...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228568491598051406328%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213798836775748893681%22}&andc=true
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8568491598051406328","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13798836775748893681"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 09:45:33 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8568491598051406328","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"13798836775748893681"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame F953 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=927568129&adf=1491139770&pi=t.aa~a.786479190~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&to=qs&pwprc=4005296234&format=1200x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731783&bpp=1&bdt=1248&idt=313&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=328
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/2447668951555358589/ Frame 21A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2447668951555358589/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c653ffc32c579c45394aea0c33910b7bb790f5ea8b53a58729a7aeffccb7eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 09:31:49 GMT
date
Fri, 12 Jan 2024 09:31:49 GMT
x-content-type-options
nosniff
age
824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2462
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 11:01:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/11887798093879057562/ Frame 21A1 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11887798093879057562/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc772683f8b868ea4a23a7e70e31179d35bf4c8dd362780c5926d878247b3b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 09:32:12 GMT
date
Fri, 12 Jan 2024 09:32:12 GMT
x-content-type-options
nosniff
age
801
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34889
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 11:01:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 21A1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ade5c6026102f130cf2e6c67ed35f73764393a95498f87bc4e960be3b37a7388

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 21A1 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87a5ced2a3f05591404b0fd2b735e8fe56edf86a437f27b49d3d6ebc0a181c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56395
x-xss-protection
0
server
cafe
etag
4881723130422468132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228568491598051406328%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213798836775748893681%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FAD6 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a40028641fb7ec11c9b8247ef5a7d17e0e22a4ea277e049ecb6f47e371baa81e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E28E 		27 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a55daa3a7ebab21f0221b18c725235976878104c37faf9f0b93333cf23020e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13163
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E115 		31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c884bcdbbc14d88a1912b6b7bf7373dc3b24349a9a70a284616591182359ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13263
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0070 		27 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce0854dae8647fd9b05a9b55cd464b24ed4c540c64c75b48f148af322210a444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12988
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C9B4 		28 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33129c578fc7c0fbb8d4da97105ef2ff3ae3d77e75296748f30bd08ebf08ce6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13319
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C2F6 		27 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f808ced0e91e99874d55304cec42cbac0ffd8b08cd64efa3beba73fb435daa47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12906
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 21A1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae317bba34cabfa91126f3bf74b060d30fde82cd67077abe3778a2904e31792

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 21A1 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:07:43 GMT
x-content-type-options
nosniff
age
99470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 06:07:43 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 21A1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4kL6PAqhZYrnJ8K1tOUP4a2C6APV7ISXdYeaxPqNEtnZHhABIPTKrpEBYJWCgICgB6ABkO244wLIAQGpAqQf9hF0Gwo-qAMByAPLBKoEzAFP0D_RGstISn9P_0UDYbyuFfGQP7rR0KtTT6s...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213265721682886992191%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213265721682886992191%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2291079682376469329%22}&andc=true
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13265721682886992191","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"91079682376469329"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 09:45:33 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13265721682886992191","debug_reporting":true,"destination":"https://steampowered.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["745420432"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"91079682376469329"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 91C2 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 03:19:40 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 03:19:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 15D8 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 03:19:40 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 03:19:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame E501 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1705052732&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052731779&bpp=4&bdt=1244&idt=311&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=778
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213265721682886992191%22,%22debug_reporting%22:true,%22destination%22:%22https://steampowered.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22745420432%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2291079682376469329%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 91C2 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:33 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 91C2 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 17:15:58 GMT
x-content-type-options
nosniff
age
145775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Jan 2025 17:15:58 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 91C2 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:15:10 GMT
x-content-type-options
nosniff
age
174623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Jan 2025 09:15:10 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 91C2 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:47:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
3455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:47:58 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 91C2 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:31:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
47646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:31:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C237 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8358 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:48:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
53813
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:48:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 8358 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:04:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
49293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 20:04:00 GMT
view
ad.doubleclick.net/pcs/ Frame 8358 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsunrAv_9mu5vbmYC26vu6YBY16jsSTslaX4vsCnrXP73YQUrkZ2GoJOyexzETxW5uK7UzGjmspeBmy9lRYDGiinRc0anGnmSBVPVhVlyAuCOUgQp1aJI5DL6f3IP8WPlfhSDHhXb6Q1ls2zO2F8trh7qejV5QBnxA0MbuLwTB0P21BTNA3e8v6L-fzUSb1g0Yx0q3zXe0_VviNzAAigy88OU7uEKla4_W7B8G7AXc6czSj1jESir1jz0G9MQ3S9e1G7oBLuqOlbyMGj22I2CfL-2HXwx93c1vCAI6nXTWMhWqnnthAzaZ9KEdbbYCiRK61e7KMWEtiDShFrCVzdzwDIWGGZGl_KQouaSYS1uOXD2-29C2VdoS1FqpQB9rGtU77I_hMXgCnftpBWIN6YAJ19uNVaB2qhNwyxA2Ph8dDwMqPJhjBQtKbE_GJqnNvTYXwewYvhbfYifnL5NcfTBEjUxdCqg6u3Igc-cEmne4DWpTDF8f-h1DUGC7k5DHYl_g6ihULn03BsgoHb4ws-47zgOdOnC74umCwqpZXM_ZOd-rmmc9NTNRYS5HHgv8W9nUvZIWdsPEKL-EBq1s0-xu5wQy2EcmIqIULd23EIKiZNIbCYWlLuG4ZKJaxt-BAQvvxH9EMSBltgUdc57yM1h1z0rYLXGIyejJXHsGTcVBYLly76Z3nXPG0k4ssizn8jZa5vSdtRuqQZX9efklad_WAo0wf8Rhj3zKztnsk5-aqyc55QsxwtkLEPVXXbn9TDi0yGB3PgUU062qgN6fw7DY6qdIWrITSM2RZx1K2uWcU3LS1tMMW1LdN0jPr41BmTJna2HL7wMH9RdSSc4g2Pi3FGPOo_fFEeDrMJPw-VLE5EfMytyXS1f54XoBQwO8Nz3dYbwCEhRtWuJyru7ey7oAn6OueRABX5MiKD8ibxccNzh4E09fGHu6L8i-LY3d6eF5YH4PC0CDd2fkkojtEyv2L90o8Kp6No-6FI4Uxjp_VXhumt51yLkC-FGJZnalLVIV-rr-jQBNJ48teBx4M09_frSzVoNoCPVW62PhWxuqc6YlBDdNFdNVOLxxLwSiRHGdVg9Pt3WAKlwU_d1oeilow1ZxPhcywOkIUZLqxZF70Gx8W0uW_8p9Zr5uVsoxSxX_3OLrsng9nrP9JNuB2b9IiAEybuo66YOvAs0_7NU-RjwWrOtvWqzaVlpSkOf9-jbNvB3J9fa9jjsWCe_GIROjqjW3KBPGDu51lfQwUlTmpklv17tLsDV-B-nHdKMJrxAq6djZgU5zA503Oo-15L-Pg1MJLct2tt761S0iP1-qn_VSRRzQ&sai=AMfl-YQNPmpL40X3euGDaWd-6PmwCJy4M0apmBaJxMWreBpqy-7vzGqYf6dnVlDKJk9jtMIqEv1Zn-RlmmiI9xXDXtfghThq4en7AWPkE4JGIUEHZgml69622LZSkvbIbnKXCsbGKfC0bdmuKRL1lG8pVMm0mXjdJlH3uJxE7dt-vsxwf3SqS9dstbgbQRK-9L06BQnttz-S8fZRmZwQAU36f1GcJouqkU4hVhglif-95DV3CVo69qTqU_aRPVzungu3l6pXdps6P2T9aGV9BECInP-UQ2XcgbylhQNJzYfM01HVT2NI1IzK7uTNVV1xwC3I8bxViZ6WYVZH1Zh4GwI6inJtpoepdMPeLv5HjH883-cxyit0cYAdkQXUQmlNa4Oxdpsf1SHE3bq9pWB3YTpB6GlWiLD3gHj0ZHB7ZM2TV_ofvuOvXtp2i5_R8uAdv4Xb1aINttN4WlIxl88aMnGVFbc0X0K1poAv-myxvtM8czBthT0br0cc-nGnCtJvlqYP_Va3DQ&sig=Cg0ArKJSzJO2DfBjFohWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240108.77994&arae=0&ftch=1&adurl=
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8358 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8358 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8358 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8358 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8358 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dv_XkKrU_Iz8GlO926i7Iu1mHZo7aDCi0EW8sQtgE3y1pbf1NOV7SaC9BBK8tei1uZo4SzgrNuHOTNvne4IWrIRoqcK8AXWh9ucYioqpI1mHv7YpY
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
661427306190970793
s0.2mdn.net/simgad/ Frame 8358 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/661427306190970793
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8a19408285344b71bb5e5809c183376bd23771dec91a091d420a09134e2d858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 08 Jan 2025 06:33:03 GMT
date
Tue, 09 Jan 2024 06:33:03 GMT
x-content-type-options
nosniff
age
270750
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47033
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 14:28:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum
dsum-sec.casalemedia.com/ Frame C237
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHhasksBirRUq%2BBRuaSzNA34n2L3MGdMYAzbWaSxop7JJzQjt4F3CRvrNDVpgYt0eBzUrFiYW82xvL3CPR5MPyf%2FGAIeyU2tfEf4mSR%2BXG9mS9ecXT4kwJWH%2FVhR0qN1ifDg5rXj7zkEXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844477a29b8c3a43-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C237
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaEKPQ7OtRYd66fP7toyGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7pusyFKVvWN6oK5bxhOGUTfEX9MS3vvW69SSaOYQHG2t%2FSZK6OOwofp6J2GSlKipwnnk%2BTrHEJ1BytnKrw8%2BZC9BSDy6QthtmBcQCgK0mB2sv9dpCH70RHPLleICB9SMy01Qf7Po14xbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
844477a2cbf83a43-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAGEi6ONG-RfFxgVFEiyVz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame C237
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJqdhEMBWzxcuovd5N5XQPc&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqdhEMBWzxcuovd5N5XQPc%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqdhEMBWzxcuovd5N5XQPc%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
an-x-request-uuid
fee4821f-9665-4007-94b1-0b177a2969b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.58.58.244; 37.58.58.244; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
an-x-request-uuid
b7dd4d03-5311-4dbb-9279-8d0b4d883326
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJqdhEMBWzxcuovd5N5XQPc%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.58.244; 37.58.58.244; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C237
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzI3OTA1OTI4ODgxMDc3Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzI3OTA1OTI4ODgxMDc3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhiejp3xATAB&v=APEucNV-0HFo3zE-an4tq_fIWVebyK-Ju3_R7OKu_3Jk14WehXkg6gRcXePBsklnKsof2NJJBAG1M68z9MFKougz7YinEbts4z8oQhy6IrBSLQN2XUgankcsijNi_GdItaPWuPKhkbJ3GN3Oa6wZwI5K_aGLsbsqU_5ScPxNJL8sU55xzpMDcF8
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
an-x-request-uuid
62969ea5-9f9c-4ace-9d29-b64d51fc983a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODk3NzI3OTA1OTI4ODgxMDc3Mw%3D%3D
x-proxy-origin
37.58.58.244; 37.58.58.244; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 8358 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsunrAv_9mu5vbmYC26vu6YBY16jsSTslaX4vsCnrXP73YQUrkZ2GoJOyexzETxW5uK7UzGjmspeBmy9lRYDGiinRc0anGnmSBVPVhVlyAuCOUgQp1aJI5DL6f3IP8WPlfhSDHhXb6Q1ls2zO2F8trh7qejV5QBnxA0MbuLwTB0P21BTNA3e8v6L-fzUSb1g0Yx0q3zXe0_VviNzAAigy88OU7uEKla4_W7B8G7AXc6czSj1jESir1jz0G9MQ3S9e1G7oBLuqOlbyMGj22I2CfL-2HXwx93c1vCAI6nXTWMhWqnnthAzaZ9KEdbbYCiRK61e7KMWEtiDShFrCVzdzwDIWGGZGl_KQouaSYS1uOXD2-29C2VdoS1FqpQB9rGtU77I_hMXgCnftpBWIN6YAJ19uNVaB2qhNwyxA2Ph8dDwMqPJhjBQtKbE_GJqnNvTYXwewYvhbfYifnL5NcfTBEjUxdCqg6u3Igc-cEmne4DWpTDF8f-h1DUGC7k5DHYl_g6ihULn03BsgoHb4ws-47zgOdOnC74umCwqpZXM_ZOd-rmmc9NTNRYS5HHgv8W9nUvZIWdsPEKL-EBq1s0-xu5wQy2EcmIqIULd23EIKiZNIbCYWlLuG4ZKJaxt-BAQvvxH9EMSBltgUdc57yM1h1z0rYLXGIyejJXHsGTcVBYLly76Z3nXPG0k4ssizn8jZa5vSdtRuqQZX9efklad_WAo0wf8Rhj3zKztnsk5-aqyc55QsxwtkLEPVXXbn9TDi0yGB3PgUU062qgN6fw7DY6qdIWrITSM2RZx1K2uWcU3LS1tMMW1LdN0jPr41BmTJna2HL7wMH9RdSSc4g2Pi3FGPOo_fFEeDrMJPw-VLE5EfMytyXS1f54XoBQwO8Nz3dYbwCEhRtWuJyru7ey7oAn6OueRABX5MiKD8ibxccNzh4E09fGHu6L8i-LY3d6eF5YH4PC0CDd2fkkojtEyv2L90o8Kp6No-6FI4Uxjp_VXhumt51yLkC-FGJZnalLVIV-rr-jQBNJ48teBx4M09_frSzVoNoCPVW62PhWxuqc6YlBDdNFdNVOLxxLwSiRHGdVg9Pt3WAKlwU_d1oeilow1ZxPhcywOkIUZLqxZF70Gx8W0uW_8p9Zr5uVsoxSxX_3OLrsng9nrP9JNuB2b9IiAEybuo66YOvAs0_7NU-RjwWrOtvWqzaVlpSkOf9-jbNvB3J9fa9jjsWCe_GIROjqjW3KBPGDu51lfQwUlTmpklv17tLsDV-B-nHdKMJrxAq6djZgU5zA503Oo-15L-Pg1MJLct2tt761S0iP1-qn_VSRRzQ&sai=AMfl-YQNPmpL40X3euGDaWd-6PmwCJy4M0apmBaJxMWreBpqy-7vzGqYf6dnVlDKJk9jtMIqEv1Zn-RlmmiI9xXDXtfghThq4en7AWPkE4JGIUEHZgml69622LZSkvbIbnKXCsbGKfC0bdmuKRL1lG8pVMm0mXjdJlH3uJxE7dt-vsxwf3SqS9dstbgbQRK-9L06BQnttz-S8fZRmZwQAU36f1GcJouqkU4hVhglif-95DV3CVo69qTqU_aRPVzungu3l6pXdps6P2T9aGV9BECInP-UQ2XcgbylhQNJzYfM01HVT2NI1IzK7uTNVV1xwC3I8bxViZ6WYVZH1Zh4GwI6inJtpoepdMPeLv5HjH883-cxyit0cYAdkQXUQmlNa4Oxdpsf1SHE3bq9pWB3YTpB6GlWiLD3gHj0ZHB7ZM2TV_ofvuOvXtp2i5_R8uAdv4Xb1aINttN4WlIxl88aMnGVFbc0X0K1poAv-myxvtM8czBthT0br0cc-nGnCtJvlqYP_Va3DQ&sig=Cg0ArKJSzJO2DfBjFohWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=146&vt=11&dtpt=144&dett=2&cstd=0&cisv=r20240108.77994&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame D834 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:29:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D834 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:11:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
56064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:11:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame D834 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 03:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
23129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 03:20:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D834 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame D834 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D834 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame D834 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 08 Apr 2024 08:53:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E28E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BupGuxwzdGw7RtSYQzrlrSMRzq8J_8aYaFSbw0idWEEPSMTrWAQY0AX3NuCRTAz7gI0z1WauEAEoxIk5nyXHvRFORKKUDzuZ8fxi-LGnqZhwQLC5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E28E 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E28E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E28E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame E28E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0PUPX6RwJq97A1t7V0WLHDsDJ36aJ-jaOI6q-cn4wN5cEV7bJeHXNDXkgKqD1Zo5KFAoVld1QvhhQs_1DVVPItbRkJw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E28E 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZrwv2QdSNG7PrFgVXKSPljGT0l853P8xpgUSvknC__MXxBm7BZ0EiHcMYGj3WKt64L3AleEomxkDj6eyJ4rYYVPKBuU99tzooZ94mYOLGOThfPpA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0070 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 0070 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 0070 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame 0070 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTz8t2pvCcMHtncDbJGIvkT7S8DQBgwUrrMyfFIKLDnDAmluNDcrU90rW8bHlKwh7IPClY7ezjiJUT3AQ7_CkQfgkIg0A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0070 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2F6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgtqhUQ7R2EReSe4soJzyqt2ePtHOaYohrr5_p78euHeUhcoSi1pikk1ZG4sTImz3g-FMZfnob6wrqeEoiD6jGFQHdcLzrbGPPVMGvB4gUZl4KdSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C2F6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame C2F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame C2F6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame C2F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIvAouKp7cchFmue-COqBGpk7OC4y-4mia6g7-42crkTw3t1VQxNrsmyukGBCPbyZlO3EFAn2n-ZHxK5l9YtvNrAniWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C2F6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAD6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COgRNEf6JkohGVKUpdrzUBb8ttqHlWC0pwQ4G5TsIcf77lhQ-tG3vOGXsB1db_VltvvMu_gfYyG2WpSgR9gaUv5oBlMwFU9JdIk1znJYqTgXVfsSk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FAD6 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame FAD6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame FAD6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame FAD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQj6AMCpfeVMwO-Ix2k93GoZlkRVwRebOrGMGxzajMEUcwBkMAlDipr6YMcktevrUDyRfeqfnNElUcUsJHwGPTRF1rEQw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FAD6 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
truncated
/ Frame 8358 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e121398ef2498ffcf90ccef10bbf2da1f549cf55e0abfcf839fb19b13d42b904

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame C9B6 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 98AB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 98AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 98AB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame 98AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTe2rfqb5Tn2-2rbYX0lhHfaJ4FaOsEatUWdgDxhYjZNEzwyFXdbHVKpMhJzg642s7PgCrvNRP6cwPiQzq0hohuhr60ow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 98AB 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJT5VfMN7L3-WIc0nziC19RoFW4wfAuRpGc-nzJQGs4KuQAfbF2alXil3Xn2iPH0U1QxeQaP1y2wtKiG4zhMb5FcAkhPuE7GO2oaXG9Ml5bg1Dsj8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame A384 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A8FF 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNV6yLwYBXC255eTNdaezbt3Y3CPYDyJqdgCawc0DZajNXZX9U78A6DD41HesYuU2yZjmdZOynWHCIDJmn-lyVyZObanxiRu2st7l6RvbXHIuHQJ3rFwziFz9uNLkllH8cvIdwj5fqxp--jCv98Z07NAeEG8ZMVNLJRHj3rDVMgFKoIyu1E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2ECE 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXvOfNLzUM4HVgfxIUfSQBvim9fUZIj0-N2JS9OzxgjeXWHLjZAhvlg0yvRYx3Rm-RjbudrSMC2ciGI6uBzJK-i2pId0GvaRq-tfxF3-7y6uRaeY5J1AshpY38tZ_Dlb5GTaZXNvz1uRZX3gHVZuUYTpqcv7hmljkVB1uhKAPQtvLpQ5rs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame B3B7 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXjvkAZRVNKu-PBQ_ycoV5KSFEguZzXY416HzZyNZbZ76oBnEzDyZK7u6LuMns7kHk7gcXmSmzIa0O7nlKHgGdHXpbjdjI9n9Chei3WqTKekBhuTQzdA3H1jSc7iapodCmwrW0rulZ85GKx5MrCtQK555e9ygJu0lv2mJG0IfHq4UjJjOM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2EF6 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUGCvNww36Aycq7SYrHUdtShoOCc3Ou7Ddx-CY73TSoc62DwDasz-J746dOrKOg4uo_0aO92T92zW2kIPwJCSdE_aoyuAz2jqYryG9L2fic8xkEU7uRO2i16pbIf48IvtVpc0nMgAx7wj_RgCNmVOpE5jh4OTiRMfINNeLhjAwxMYTqQkk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C4QzoE23IzFodDwAmDlnt4XHy0ANr-3lh5JjA2qs1S4nYhw-M1q6oEyvbXofUQ4EDBf4lnRlLCSZX2msrG2hwVbOlKJWxBwbGFSCbEzPUih7fFa-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C9B4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame C9B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 11:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
81198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 11:12:16 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame C9B4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 09:07:44 GMT
l
www.google.com/ads/measurement/ Frame C9B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROrZUvBnWQ5sktp3utB5rA7W5wlbyt9X2jYpurFwImNmeftwah7x8UlQaFOhx2wWmbG7B9yWkF7aRKTs69RFcA15MzeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C9B4 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 09:45:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E28E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3533907465660&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E28E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3533907465660&version=m202309260101&ct=77&x=1&cor=14469729380696943000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E28E 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY7mhybbtpKYCSJQKsqgKjj7oAY2ay8n3HM-poZEUvMqOXJS5gNTRs2qAQuhGBcDWA_w8BYiTdLlqWmwlXtNQnE5H3PS4EohFP9TVMMVugczK0ieyRY3gvs251A9RCQws_3lrKtRNXiCXI5hRhUJ5KCVAC1h5kEjmkGStIt_HQQl5WSSQ&cry=1&dbm_d=AKAmf-CjMy9ywpeiuGMOHRsVwIbCX1LCtsM1eQM77-4zLKaalPHNaKMa3FpSMKyH__KvUbzm7LxeAc7eEkTS2bMNKhqRQVFotFYmfmI2cehcE7Q8iuWy1ZIhg3bvrT6-4s8Nli08N-Ldp670iuTF3Kq5KjYVlDmNURvskeUcHXX4fp2faPH_cV1WzUiY4JFigTMe69B6dX7v3FId3fQmUT8ygP2fq0bp-HzjZXhRyfg1SE9ncE2kUC3qFxzg0apo64nHESN3DwyAFv8blxhEXpIFxaA4JS2C1s4xUBalP-2HEYum9DlB7kO22YlFco7uTGxLTLXmAZ_ceJhnedhD-Wtq29Isx3lp6TqZfG0tJ2qBrbcyXNBSH5y4QZ4O-lGZILbp8KkU3Xw_d_C2A1-R5Q3LaQSVhK2uPOvE2Te6T2rKaj0X8afAePmUcfPplHtQaqnLLQyurp0qRzUjQVwhV1MdtU1mmZik7vtZPTWpgo6xC9upC5GSQDfdhx-wm-9zDrwE-Mk29XeLwIGpuX1pBRlGrpNHTebBR_m6CzYI_69dvdNwKy4h6o11Mivcv6yf_avv3A9xq0r9Um0o5whb03hq85iJQWMzJsqx0L5spUl3ToDhLtLHmjUo9VfDbntN845UjQPlXIEHiJBKhBBCKzfCuTJDqw6yArm80Rr4pEsNpV-33guqYTJXdKEkYvQq7yDMEelzL4KyhIJU1TSV76A8gyUO_afjfAqdyQ4PhL8ysJWKXt-sE9YLO2lSCO1ecr8k2wBvGYtC_BlIJIDV2SZmMW-nEGD9b_07DANA86Q3o_auvoFlEn-z7oavRMo9S2Pr9fcYSdgNinsc2eieg9coU6COoZyoSwjDOjiRSNc48duaTZUbnruyKNjd2W1cHUBo1SM1WnokYUOHaP3cMs12YHLZUrT5N4Y3yvRbGOCnxfX0Qad4hSTwh9za7zFl4ZEY8UCy6zbP60YO7tbYu-d2vxZHKQj1K-4IC4griNky8QSE2xVNoyCJXilrM7_qCm0BfGdmZQJGrenT8bB8AGz2yWR2qFG2tjeXRzDjI7x_Y4-b-ALkFm45e4K4u0DeCWDhL9EPMNHc9FfK5b7LsX0O_5iTdofb4Mh0RL79W5f4LnwolYdMU0QUDN8Cjy4-ddJ0cH8j0KzyeuHNG8GkzqN8h2BxMQ3giqeTokP8t2YL2vEPqFOhDgPRm_FRNSWJCdw1VTUnNHeslSRMVWBVmIXf7qVKFVFy-bSEM-WVwUkJLuodQgKzOsd_xYf_Kn6n-iYn8rj47rvpQ3n5jUjqmgCv83rDUAl1g0eJlwjy1z3MPTzQwfqHnXd_LctXhPrHCPinVmiVf00IsTVLirqxwC-l1KF-oHwHcDuJtqdSx2YvyaNFT_LiTMGpIMuYlGzqh0hTkjuhcgSMp4YUIDs9p9KmcoH8HRgAnlpK6attbLsYeYNmTmxIwkM_2ZZLSDxYTNTsLkbUp3DZ5nRemeT4Ik4K9_t_eFLon39SQYfq5tVRUNxMxEyITeVOspzFE_FB5NyEtofg8-Tt6oAr9fvN8aD2AhlEf8XKIwFWlwJ7-dvNGk6wu8l7Ifl9sePpI9KHkg6PyLaPr-q1ZV-L9z3s0MYA4SybSlqonAhQTUR33pZFqM9EETyrMBBAZ1WlZvQAG5ER9S74hgyXbKI2qN77AovyqtO3bE1hmJrw3Fh3Shvwh_Rs8MiwNj1W97swQSzw2rTexK1L56vkApbqN3HdacIt8zw58ppbxShfnWFA9JGQnGvHcvNFYyMcsXSKM-Vj8jqGbDqlU6tczHL7kOFCxX1bclw4wToTb-G3oHtbyEiZUIddOikRL9mG38m5n_8DjSJZld0L8naFpknKLdtna-eRimCdCq1jjWq6l8ezf1x-BvbU5ciishtCo3QKgSvE8WaRQgA98uZzxlxRtUcaIu9VMCT5EJha9EfuYR8GkuFNUiw7LoZsqYHOXtEkw1px2Uf1Yw0MTzM9TVtaswOIqm2z-m-HHlSa_SYs5LnEa5RiWZ3uA_Ea1Wq4puuOZHbfuFoDY5ILLHLABJrmePoC53by12NonVgLVRcs17RtL6qez63lsaOPmnX6f0G1xhVEHkvj3B4KQe8UASMfIFBZRrwkJXWWUqncT2JDx29uaj4dQS9zAPpSDRy_tKVcoZW8SFFmwZ7-9oCV2fJft-qvDTQ5xNQTvCuqCwHaCrTMVslT8S_y4sonrCeAU7cZKZQMm6WmbxIwO5ISTZhj6ydVYF-jgSjQzL-FvdWEYJKLPtjny7WEMIsn4eo3-E92uzNdX_6L9UDFTWbPZ7mOkEp8-PnKEPNbR33tbKFQNDoD-WmL-0SqM0HQrK-mzTj4Gmb6eJWM8jxqjKpI_XL4AknnOGqzeYXXX1nA6P4WtePG2p9pg3LARL9l1HxyBrAK78viRGzEK5_uLP1S20IlboUGzXVmTa5aG5toKfHiVZH1UBIcQeg9l_kmXdXKUlfyK10SNEa8o34BEDSiq2feSe8gRGZh0pGUbphXU2vtKDnTPmNDbHhsSPpULpBOtUkP0Nh5Q-BZxRdMpeAuBDFzv0iILFdk-80G9McQ4pvfn5raKJva1SfGOmUy8XvQ4KJIPE_55MJa5RBDjpE5TqMe9LcsD1A9RAofyexdy369zMw34bMvtLoC24Qn29DXIyu0kKc6lUzkK99WbRL1Ht7QGqk0qlI9o2BLL3PgVgJcpa7_d0g_IGDavhaWK4SV4xBmmEvfaOPpl1HX8d5Q8qj6XvhzYlJIFhlQVQsNhgbHQ6o7za4BKnrIxoD4mhWyQkwXus48ok1WkdNSYFynsvOtyWcGl6SyVZRJ3FVvlwYYfaO2ABvXdbromqtMtInekB7geFEjb48Je8vBJcLoKFjBU1b-Odpr6jfgNMwq8uK38ueweuSjnC7vQOtfcGCW-kkxS2pKl6K0W7cj0CekMWRYCRu_skurQ_qtWXqH5bkjFtI992EGbbSi4wB_6K0TZ8NDihIZccpJtXkKRuKjthg1pnLeVGamyeDyA4ZJ6TLI_2jF8ML4wwvdEuJ_KF05x6I_cGPRa0-5QYB87rvQcg7wGyfDIs4ENBzcM2xuVTGDJF92qFRczNvZNhLh4_mkG-6YKkrHHpfBcbMZ7G3VW4_8nca_mq17k0OQD4ITvNJ8dphALaDjzKFl97iZeYOGuhiAcg2P3XHAFYQpb7fzInWfNy3bN0nwuTuxDZg4-oYu4zNsjBVKBia9iHTHtjw_7PdqZoWWplaHvsqbP8FNiONCZJMhdS3hqqwdWcWWjDjYFH8fCPNBNbov0UZNX9lDi6MRnXO_j04DKB__zqbNGOvteq-IhwCs8OWtG1C5gE2DUuK-Nl8Ts0EwZMpY9QvP0s4wDKu9ji9fxjVH-NZzNtLzAfbEc7eqgD_rcYnyPpmQhQsfZU51Zd1vEhwaTgLM_BtDYu7idTIezuBUcRVbEdAqValPmGNJuu-_185LsQXkkhHykts4iqJFcorrdZr2Xm4XNQOC9FJmkARV_IbGSc1fpYWM-vu2YWfHNqpq0jl5EzqeIkGylNBD7HzYX8C2b3YStSsTwBxeuUttF1NHdaIyFS2-iGLbgJwBxlSS2_jtV9J3lX0pTRM9xYChYnSkMqOKQzHdlUVlytcM5bdqln09UHY8PEiZGGoD9L6iAwNeiqPgjeBa9sh3NMzakqM&cid=CAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=14469729380696943000&adk=3047537734&idt=84&cac=0&dtd=49
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c5b0a3fd4f32edc2f4674a8c7ae9a3c12f31c60ec3460727a3beb8361799b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5054 		398 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNWtuySX2oEkXU2MhvXC_2WrjDQhKum7fYqrPbcArVQG6-DlZxWaPaMInc1QAjoXfqlNDveSh1NlmbZxzsZSxLRCcshMCCPun7bg39JD8VRIPaLDpbTGyVS1Z4FqDLwTNGIOvuMMxZk-S-_J-mv5bvuungznxmCNBbN9xDkg2CbG3auCntQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame C9B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZDSWJZJHWDQ2MyJpmRwzY&google_cver=1
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZDSWJZJHWDQ2MyJpmRwzY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENZDSWJZJHWDQ2MyJpmRwzY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame C9B6 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame C9B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDKjvWqy8KZpV667ZKFFcY4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDKjvWqy8KZpV667ZKFFcY4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 09:45:34 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDKjvWqy8KZpV667ZKFFcY4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame C9B6 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNWzAP2aCkWUDnYvW8YregxDtEJOmjW-KO9LyjLpmD7Aa4Xu47n5QSUlF_gkErYLmiBy0xdQH3MGnhILMBSuYIqpcZ7XGErPA7haYNsCYGm637x91sKvNc4W0TAm3gUL9IJPXkQ7T5J6e33RzOqpE4P0K51k5z_vB76KFx-eS3Oaft6QD1U
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 09:45:34 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame A8FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame A8FF 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame A8FF 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNV6yLwYBXC255eTNdaezbt3Y3CPYDyJqdgCawc0DZajNXZX9U78A6DD41HesYuU2yZjmdZOynWHCIDJmn-lyVyZObanxiRu2st7l6RvbXHIuHQJ3rFwziFz9uNLkllH8cvIdwj5fqxp--jCv98Z07NAeEG8ZMVNLJRHj3rDVMgFKoIyu1E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame 2ECE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 2ECE 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 2ECE 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXvOfNLzUM4HVgfxIUfSQBvim9fUZIj0-N2JS9OzxgjeXWHLjZAhvlg0yvRYx3Rm-RjbudrSMC2ciGI6uBzJK-i2pId0GvaRq-tfxF3-7y6uRaeY5J1AshpY38tZ_Dlb5GTaZXNvz1uRZX3gHVZuUYTpqcv7hmljkVB1uhKAPQtvLpQ5rs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame 2EF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 2EF6 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 2EF6 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNUGCvNww36Aycq7SYrHUdtShoOCc3Ou7Ddx-CY73TSoc62DwDasz-J746dOrKOg4uo_0aO92T92zW2kIPwJCSdE_aoyuAz2jqYryG9L2fic8xkEU7uRO2i16pbIf48IvtVpc0nMgAx7wj_RgCNmVOpE5jh4OTiRMfINNeLhjAwxMYTqQkk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame B3B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame B3B7 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame B3B7 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNXjvkAZRVNKu-PBQ_ycoV5KSFEguZzXY416HzZyNZbZ76oBnEzDyZK7u6LuMns7kHk7gcXmSmzIa0O7nlKHgGdHXpbjdjI9n9Chei3WqTKekBhuTQzdA3H1jSc7iapodCmwrW0rulZ85GKx5MrCtQK555e9ygJu0lv2mJG0IfHq4UjJjOM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2F6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2135420728574&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2F6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2135420728574&version=m202309260101&ct=77&x=1&cor=6023565654924365000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C2F6 		21 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJeLy_INdFPyMO9Gqzuey202TNSWorOQbsmIpFqnQOdtJgyzzC2yIECjgbQWTb7RaqC9TSc1E1I1BKhNg4xIHBRO7jD3V54kkjFsoN9IfIkUTJoAnEzlm7F6v32Xrp3X0weFw3TNbeisXuMu5JmmFxBs_5TwGlt4zn1F8IGa9XwKv1PZk&cry=1&dbm_d=AKAmf-AD7aYtU3oEdGI_Ugs-GEWVQa-cVg10VgGTml-yugqbiygk6lroaScIGGy_it5i8eCBa7eNOOuGO_-MBfnV7qRsM_k-FAWDNbrdhxRdKr6qM4-9T28seIfynZxoqWeomuGZl8Y2mJt3oKUwdIKg-YemNHQ-9h5DI3evVAaJgj1kYRKqrC3jG7wyXxmRo3z_CSUW60xsCqCdO1dkirXvEdgd9OCz_mq3gHh_VMF4SO25Tsr1Zf4rxiYKGzQ86KwXJio7thL45tROh6ASkoYMTUn5zh6fmIDZ45gky8wZOcE2JLrZ2jHSYi2wIFXfYJ2GvJ_eSGeMfrbzpv6pJqnU6Wct-Hv7p7t1T6LmWzAU0lyUXAXauxwyU7mP6ZtLjInCYPWQr0ejo0WGuyXoStfGpRE1UjmTgXyB6fWGwFWq-_Leowfs4DmAgavR6Lhp3HEXCqEBz2z-iRwYTErVpErZw0GNh2PUXEQWdnL8sQBNzUc7X0IMbR8rjq__XFzqzXqCuBauxC_YY_Amb-xFirl412tDjn4ShvLE2_ANhYHMDiyAL6TKoK4pXLFp9UIPcGNaYtb6nGgq-dmUKaUClKvTD0kKwDd7XsW4uEhluPzgjydp9g7K8ZyD73WyE6i30S5Wp1ZqobyYf0-WDgVCcUTQkM5qG-4vU0mTjm7wWBn3GsRj974hSl7eUEkFnSDz1ROOBluaer_-Z6swWDwQ155tVRrUl42Tk_IoR2unjix3rJMC35LkfvtxNInBrhUqlPJkQ3EYnVNmBsvlLnwVA5Whj-MY3UcKj9JILyhbxhpATLhUgHV4KqEA8atfaC7WBfGezxJFrxhvCXsTTsThTMkigczconmREZaoS_Rf0tyQRuEmvnsLjCk3TRIsa9Z7ejFPHzJ7LRX9hBujSmI3VGKKR8kCChakGkpnWcLE-FMfF_0BMe4_N3eMSO_0tWvo-UN_NlTSUxeF5ZWWO9AbZVdieC561eGVq17O-5GXhQ5YWIz6mKcUR6-dt3Ya1w6IFy9zYLFtTCKjk56W1I1Qf06CvMcq5P935m6n2K4xGDJ4WE9w3vImIFqppwL9PGgGcTENXcomBSM00CBmUEseQZf_9zilNi2ytbN39kscamNpqvlO0YMi3IuTeWfuHuWf8hIK9jBaFVISXpvqSCXJKGC38dxs1uMLPG1uiWU_6FwrHB0API3McOBWgM8mVLJN56SG3bUxArjjdCXpvehab8BAnurrWejJVdV6QqU3MvItDEWSDOZIyjo4XQods08oN99lb3qS_8Ftp4WTPSbQ2IJC1zZAWqTwNJOrKBMEnwgr5oVXe3zLKvbYoQGH6d1140yQoHAw9WvCVuitlha88Y9F39eHt9XN2mnvAz7R6UqkynNeEDmgYI1teuWcDAx3Y-SMCl1LHOqgbl4AupGbpCTFC8pV3uVvXs4ltKoPQ8htX5a0ninxAgdHVzC91fkPLfnILklr42-h-zR3Q8Mex3U8pw6jkYOQxrSNY57YIzX4i4A0lkeSqrsFyBCYQWyyvS7Vgg53tPlDnCXBnkUx1NsgvJURdkbQ-cmmpgHmlL6-Ts3Ue6sWg6CwDTexNIJ0UzSlA2xlP3Gne9xDT9uqK7xZtP0wMHnm2rZh0VJpDq9BElTSLf7Wx65hUE-4IMvFjJBBKuThP5mdwCYPDBupi_loQWQW2OF078n_8gXXWRRbe1wgDwmw6eBHlyCqnGv9zvoL3bbXbjBO54bNec7ciq3CGliasi5ABL0jGbCQavXwb3ARGVlCE0vKs_0yMgHGMSsXu4rBd3CCBPSqoDSEECE2ATS_AjBiJifGXwJicyzkCo10M1S8LThQ4rrgwfAFwU6RtpojJ0Hrb0y3fIRwN-ePfszRBOvLFzfT3V54uONXxo4Z0FlrAK1zm0N0gWTTZ_treHxd5IieMw__K9CzFNliTsKBCFTlYXJgbm0G0NPl9AdiYYWTqaP-5EE9cWY8w9zakP3QawxAQXD85t3c9K2rG6dTVaTak2DujIzJAREl_ZHXG5qvU4HzfAiTJFRNhF11lPCEZfL9PyIf3Uh5y5wb0q3RufDjN_K0nLLifqQboChmUMNxfmxVBUGLI4RIC4iyMKfuWe92bq-22jSmSG0gwEARnJW-_8PzEYr99bTB18_ROLe6wbYxo3KRP0MkMcu5HV5iZ0RnaygGdrVZGWJp9L4u7-Hw1fON4lDLfM6StmRiPCEq3W5RBdq6LgEdqZAQcgfeenX2V5L9_hLRsgBuTRn83UBpxygjhFnacmZSuKvs2jvIIMKtXRm4HZJfufIBUvREoy9GdG3fItb08pZMU4dRxFH58X3rF8xjNC0kW652pMGXs9sMOvJPnJeuZ7JqIdeXXUjVxnLNo9aCg5h5zeAIihwsmJOrnuzUKplYeG03A0A04tPIaguXh4gVsbB4GenNVotJ0ZmKQOtl6G9L28haRjaChXWc1yN9AGAMLq1tk_prkSSTtb4z-JJgVvrXoWmXVgucCOq2JpeeUEokRczGE3bfNDFwBW-cHilmuo8aUNg5aqf3PTAPynqqlauGOjjU50NeIEOKHjJ_ho9k126fw-MKT0HKxbaLOXLeqIDrMxLVZusuJy80CvhgjZug7jgWI_R2t6VETVzyWBmXbHRINzueAguhg1uMkHPj6c3ejKSK5Y376H8ldujYioIITF71P7mj6Vl3gPtKX34zDuY9ZVinHHy0XmNKQmRkie9RcFYZ339lSHxXjbd3IPVLPE3PlcqMkoYlOstcpBHTOmH4Q5ZC_kM4DpSjW8erXBjvFN76hA2CMSUYNQRzM1zoXxYgKFqxIYDRV2uTgDxVCjroNxW4XAZUe542tIJObmyVweBMn7EYiYEtz6EqZxnNT7WK1XRF3G_BW-4gmyGKcXGOpYHhpml1Y8JvImf3BdG7MQsDPCpy-b5dZvloC6X-1iEPSfWxhyvP48-V2uChcKcV_Ur3fy3pnX53dpfzT4xYqXEK7PYgn9Hg5Hwt5lGqUBPzK0OzzCn7QLj0Ov0B_uJ8TRPThbZNdBip7nszR1ooFAShDJ3nQj6WCsNoZ62qmhliGJWWyAbOnHJjokkaN2FfaLG7G8-GO1nc_n5IQCb3W799Vg_YieFdqYzUjEzR1s8F62TvSIwDBUFs2VBGmME82wQyhWUvlTl35WwcGSuv2wjDdMTD9dnCqMSfYqWMg02BRxFoCJXjoma4sodtD2E1pTX_vZw3JgcZacYgrABIRv_IgoVGCuMEKIjgrZ-XPr-NdMXDYwX9gcOvsjTrACaZ3EVZli2ILiJ6pR5RbuW-tnkKMJNqhd1nR3tXEyeo59I-bh1ZYMMPzR38amF5kmth5psuT7UM_PGwQpBWnd2yrzdWHr2QQxho2ZVWenLOXO_8vAQqLUU8l8WeIcjzv_yN33waj1ljffSJLI5JKQnVgXQpxn7Fxe27O2ToIcglueexREzuoZ3mpaQCMpuh-BibRws4YQrc5RLm6mJaJzFzuImHOHppqLKQFR-EPehF1ZsXVufb1CoJ_3S5gDchL4fGdKRUL-hTRVO5cS1HCfsfjQOK0E4GDC_rbxF6UsznXYfNc_M0RwKqP6AiseNkvoFXPPItjFHgk5vZ4jHRISxD73GCuukg4xunSFQ4I4RhnCdz3KkRgZ6Z9B5Ype5M6uakqcGz25V_cxZKf78WWJ5JS-SNQA4&cid=CAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=6023565654924365000&adk=943508964&idt=155&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2daa7b961c4e71d5ce79e26ae95172e34bd751e2f227cf691dc69ba2067db864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14187
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 5054
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJXdLW4loMi5C90htQbnmi0&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJXdLW4loMi5C90htQbnmi0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNWtuySX2oEkXU2MhvXC_2WrjDQhKum7fYqrPbcArVQG6-DlZxWaPaMInc1QAjoXfqlNDveSh1NlmbZxzsZSxLRCcshMCCPun7bg39JD8VRIPaLDpbTGyVS1Z4FqDLwTNGIOvuMMxZk-S-_J-mv5bvuungznxmCNBbN9xDkg2CbG3auCntQ
Protocol
HTTP/1.1
Server
89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEJXdLW4loMi5C90htQbnmi0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 5054 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNWtuySX2oEkXU2MhvXC_2WrjDQhKum7fYqrPbcArVQG6-DlZxWaPaMInc1QAjoXfqlNDveSh1NlmbZxzsZSxLRCcshMCCPun7bg39JD8VRIPaLDpbTGyVS1Z4FqDLwTNGIOvuMMxZk-S-_J-mv5bvuungznxmCNBbN9xDkg2CbG3auCntQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:33 GMT
transfer-encoding
chunked
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAD6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2681434786798&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAD6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2681434786798&version=m202309260101&ct=77&x=1&cor=164181914731393660
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FAD6 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A92q7hXfU5WotnmTjykf3nyyhY-Upyj1v5Gm7cXrpdrUkHdeTgtKVwhpJmMWH4tdy7YPm2SvAK94wg_fM6ed3zeRcPzwnJVTaxrPZ4CnRZuSo8pCv0HrX__JWn1qfMCBh4sSt9g03UxU2V9xXaQynTOe-1QPJEg5HwICcr52e3zr_7FHY&cry=1&dbm_d=AKAmf-ATm7TiE6eF2i6x96vDonSn4Tx28LsbN_5yK0eR2b9Nx-ISDpjFJxknTTvFz5NcH95G0TQfe4TMjJkOzrQKlp9D89w1K04TLLUDjbDSvz7fMEIXfcxt-vC32DatDTi2G-YcBsls-psz3volRnVn1ubfSugqbigu1_xiRjvcPxdFD0U2or78m7urf5lWMJIGh5sVHC5-wVGkS2-9N8AOPm0wL0QXLUwcFG_nGSnNH7meHxlZ-7RGE6ldIB9bHSOhQ4m9Ep_ITh9kbtSkCGG5I8vBreVSYIc9w1UMPXDD26lAkrPM0Hd7MXjIZFHUJOyQj7kf3blnf10dzQ7-Eu7-wkNsD6p8Sptc0AavoK1nl5xuVuHGRGEsxGyyvFRzNJHC9g1uXICeYr1jYE6e5tr75zBQ5ywDfaIHMr_Irg5eP6EGFTvi2pX9fi2Vjp1c6HnxnFe1XA4nxAKm5xfowuGOhze70aDR9T19eMblEH41rmZbKUQJX866FymyLVUEkIL61-ai0BT338dHSyiLTPkdU5AtavjrK_iWxvqx2LkTBESXFnwugWo-fwFir2ptw4rI1iM6C0p2BrWY_nHoaDVwUR_FPpp0bIqbq-VfrAB2Hk4qo-Z2OV3WdScugpkx5Br5Wy_xvvxlqP8f7eSlGYtL6KmUF6dop3uISerluLmv83Pl0InDjkmNoPvHl0tKqDBH8qdZglhd39zBTtXlKCwOL7vMruQuNCS3jbxBkwtQ8OZZ49P4ahrmaGakBlkYdPcOWzC6ICkn9XBwTha-l6MpgM2SB_PvGGTbzCvZK62_ynYz9aXmv-mEsTJtVUWq7bqywvtUeNy8r4hT0_4yOoJIdQPece32BOAcGwOOWSRxx97j6C4m8JSrS-LZFDkhEsgvU7XFc-aON3NyAXeDXpx1wlSWFdqyo0H1QvqN9xJUv9fz4F6q32DVeFS8Ky0q5rQFq5itVvGh9mcJ3CD0FF5omoG4PY8AUJuenotYbRac1RXfjIMDMZ3Xoi_SkHaRGFywOjCv1gCacTKljx1QokGkYp0WRpZGSM1P1CZiYj7JRPeIWP6yBl2S1dhG7IvvyhLjAsocuEI0mpQN-C5lZlHN6-H94FzdeNwvt2ScLxd7oOz5UOlzmCSRdVVNz1gPi2LvMGnPLLeyV7ZWii8WiZI6vE5kO6BasbgiE_ZxTHgg8H2vM_ubcP0ub5DbnXt5qzKvLqISd9dqtZmDv9C6LD3beyXOroaaPojxYPMwhNyxuUER6rI5JoKyXnWUjRvB3cIPHEUFb_Sw-oldxhmIX7Z3nrbsp9euf8VHkRtmU4xCyBj6U17hPufGEs0jvPUrUHfxE1nYFgPI6bJszozGQ2FEqreNX-iFPx2Xg37ynKb6Ni14dacWbeQpDiBL8ih-FWcbQapulNRmP9Z6KnXmbTsbahlsFFf5hNLRfi3pzsnrVSMlvCFcA_U9CnkLrgZdStJNwhIKJH3iWmRMrBvPn0256sd5NBJ40hG285ZuBpHkJ-O-mAV6dMtVN0XAlK6hbt6uhjeRKUeOKPJDWHqboCaFiyNhxz_cZlw1QljAeGCDwbyBfZqBoZtZW5AR5ljb0cjrdDM_4GbLwyY1Y68HzTQLz1GpzJNZgPWLaMdTao3_lTosyTAIfFKloihDWjjezCjZVDyd6fmvFckKrK3K6lBJCFBBfdsVFwvO4alXw6KXG0msFWJoSC9piO3HUJ5LEOgtQrJwAx6XiW3fbyDNeLP04SVsglXF6VioZov0JIoUmhidmY9xCN4sELXIhodMsy6s_AGzjTX-qE8SENOQe1fIaQYC1oUzbOJF3Qv3qULFrSWytSqZwPu-GgWkiZZ31jpYDdoT1V9iz-u6YrzpyOCD9T0m-AD0xtkLJbQt-wI9tEnD04MvVUa0aGfFmhA9v4V-5EgUSfUWg0HazJRSV3_8J0kb-Z7aTZS9pf6oHVppAGnDEkIqu-3pwYY5cjZU5RKMXIHCEkkgsU4XQaS6IiWcpLtqfm2reykQtlot4c8OedXdPd2VNmxLq4jiYNrYrk91wgkL_cyw7e5szQOAal0x8VXp050fc935NeC3RNxlKr1yviZNhHcBLMtl6ZgZKp3cDmDDs6TXhpMCxKk22oRRJpd7N_kd3ydG3NMjIVO281dNUMXrMU0xk5iZnze9Ud1MNs2Kn0pvsVLOhVuqaobcIhY8bJlp2FUECih3VSLgXh2yTiOMexnvA0x2dwd9iw8hDBiJXn-REzuxbboKTStz5NXhqb-lLznFo-D3UA8tGCO23gaUiBsBNpLykEWAeGsj_wYpM9WY_GrYhRSDAh472kkogsdOpHGOSxsqKY5hvxDJw5aTqPWN0ZxSBA5SsXXEK8S9JM4Z7tQMe6MiDGpKBmjvjBRA6OvjcfvGlsfUkmqMr0uaZJo0ZxZhy2J1GAOtA5UyRfyn6iPv2QDng4fFL0WE66J2gmhDY1VkSxu55N5NNsKIC9o6B6cBE2-UFY5AtvDJavZFLmbmkARr09rBffT2Ff1R-gCSYvJM4_5xJ7P_LEkwMV9vYZPriO_rvr5LFafwz-1rdWDlEf_33JZcyiscl-3Xmo7RVWIYevgogjIN6bT1C-nSoG6vtQYVftPil_nox2argr8KFQtgiIcN3I1Fr2L1pDsPUa7B-zHJ3ppYJ3MOHFH5ZtB4xGCS6Zmw2Aqj9NqlCRT2Cm-DoGCmvbj4y7RIrrWfGJXBpri4JArnBVO0VsY5Z3QUY32NHA764j4bktUG5UKXTzyO_qRf5OCeLI7yodr8v880hh9SaOysTlyV47b78WEmyVJatItQnn2Mk6u3IsUs3lH5ldijUDxex_SLnDvyuWXssB92VALkdTK1KwPWrpZo-L50XCm4prjp_I7gukSTCA5ifSTf5dFJsjq-q1cwLiJ_g3qXUuPGj2KXw0bJRgWKth_KxDKl4GdOAEDJljhhQ2HimAK7ia_6B85gTYnNCDuc2tgbVvJcOPXnWtN5Z1a5MEQQKhpXRYG45_EZRNag6vXwrh7EJ-O7CqXx66ar4nhLvACj8XDTUg5pVb5QCsnFwjlPj0C8PIThHBScNpV94bOTw_kbSeE4mQ2Tr5w8Qz10l3onIqtaf9t3AJ7VahG31EK3wOB7quwYXzRfj-TRhjx9MLHTvvq_z_Zh5uN0F_chMEzxSrBc2dtqWrHgCbHRHT6I774G-uwN5syUhJ2GnSJEtG-nJMwhqw-ehEq6-feyc0ua8NincP7PL5BkyA53ZRie4XKqgXbLNL-2fSKb27Kd5Y-3JrO9N2HKGA1PG-MA50ZoDp6xRndq81jqCJEaxr_YhBPHkDwlVqdWDofhevVX2eyD6cOj9RU1Ye7NxI2Uu6VEpJUTFcRtUi4AfRm3rfMd4wzWIAoq9vwVb_K9V4-rOEy4IXxknCB13JweXKPVRQtKXjEzyrsgDOBbNnGvKl-qZu2bCbwNW0OGHJmuQYbm2Fa8BxVnShK_ELmZe46McTnT-11LWsNkb_vlykdfzeelMLdw4Uzkt-yJUZeJAwJJPLTfGvoBzjyJ9V8r1pi86fjUXS3wNUZ3tMv0jDoOfb-fbkh4-ixoUB8UrZvwqCFxYpRwEF4ZEq9wz1hr57LYsBbaOG-kWfoQgdBRzDtLnzrA2_5fpolZcN_aIo8NlBUAKHXeFzRveSW3xwbYd59Yj_5gITJbUsMx2296Z26lEVgq11iPlJBO8oGl&cid=CAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=164181914731393660&adk=2228999114&idt=153&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69209ab781f7a254eabb52dd600372fff97110a55db5228c89362ad1556e6b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14115
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=900136931182&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=900136931182&version=m202309260101&ct=77&x=1&cor=13049535889327150000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0070 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1nwV9LcznS6amu7Hj4xTUj9bJ5_OZHmDkMXqQRj1pPJbHcYrhSa1hyNu4Ix0YTBqjAdxdPMNe_MdoXXsS3OO73bl_P7g0VrFw6nuOvp9AjCPNNNuHfoPkRSore_b7JYqpTDih3l5HhvwD6xXGSZQq4JqTyjYSxSs7vMEjE28_8QtCzq8&cry=1&dbm_d=AKAmf-Chm-QI2urT7Lzd-RpHnx4R-FH41kaSmFg7TOqG8thsyupEOFUa4ztw_qc7LDwXm1UQ7imy5nxwYCM7yaTQtVw-_puHaoKICUcoi4SOGyu23SN5HbaBIZ5BK9fLqbEc_QymlHhfAYdYEPh-Hws2Q-MebwZJ5GV-zVUcazp4BKBZi2asfGspUSLFYgohAw8zc3W38srIB4RSBKxdRv1MYDkUMcQkf_3APz7nm71K0n3Iyg5AF1mZtnNxcPk1Jv7p-ntJaZUePLJ_Dqz5KkPhR8-9zB_Jenp_7yHc0HiH-7NfECnjb9Ns0QFAG1d88AybhBnoPJ-xZTJe9NUAxJQVGSjZTv1XaoUEyEFTCxR8uhhdnBMXk5I8o3h-EskjklhdMmP_EI9nnAHLz6Up4QzYJy4S2gkWIq8qz6QoO_liBuKSbywKjPxTo5aRX_ZxOgJGUHU2INQ1xe7N1NUsVV5DLhxzLxqsyyr-05SBqGQYofCFtSf8MfA0W0S4kaTSxwrd7R0sFuxtno-_4jUtyJhFKlX4nMgGSsH1YQXdLMgsRQdqSnLxqe3MKyhhtL8k2E115SB6tdhwXYUd3UGKsXOOzLQSKUWmZopk-ba6oQgqu63w9d6lzazqwZdITWfmOtIjOLG8X1E5-FAscq0T36-CYBzwvtOKlzyjbdew3LWdRWwjmrGXIyB5lsyE5oHMHRvjocaUmxy7J3xdvnbey8O7w4kTi8nSx4aeHePiyfdEdBbI_SEqO4bvQjY1VNld3N41VmIBRF_DDK9kTkS8CabgX1eqAN-h1DewxljWxhLmS6uGcHdVN9uqhzglpuZZh-f188BDNJRj84SStowXvcNlnIHHVOm3A5f68QxZd25Pjs3YwYtfD704M-EDW53MaiBFKj8jGSiTaI11_84VdZbG793XtOH3u9s-VQjaMtkVQwnCAs4iJrbetBGtqMEMqfFLD0VeTGjaMC0gwIbC0npHY96RafkU5mk0UYCMUwfeqhCOkh5wpxtDtxGNieTTRDDLPcaMNG-zJhyhPslxNV0aihU6DZcoaEcZ54IfA2P1GW9Qambj6gpaQzrTK3AdPGLMiHJCWLD2mWP1c7XyMH3PwMvsnedPy3Z7fN1zquGww1iYizn6BgdEAzBVspCKERJrsHPH7Z8K7Kf2-gFhzwmeHCogXtC70uYut8RHNDAfSwU7J2vSGZ_wXC4uaEgCsEECgVsC_WyG3cuKaVocB7qySy-Pmv9D5wCof9OAUO09uTkJaRKpn0eF0XTLLkLh2nQyy_DOYqoHugq6UUD3cUDFUOitLP4fpR7REE-4RuHyCOE2Q0iOO7Y7R3aJDHJUZ0QSlLJmiNNzwfjlONGkx-kHWA2TX3AujcrRrfoKMZDUF_5EC-Y5V0zhxe2VfEB5dOLHKyyUnUnH1JclHhFx5LZ0CRkL_4SjdJhtXfzPgQm64WQZ9qykNtCFTH-Adgtyqt-hV6sTirDe1svM_8-KRa1rnZRU4uU9NWjBsGGN28LvHFlecLIlOrnwfCGSD0iYWt4tkhrgXOnAn40Q4Sfcao38CQtetLP0FfajDqk9-TvK3uEmKghvpjwWSQeOdjsK6_9IDKgdq03VwX5fARz8CvaUm09CUgtN5KxiY9Y-80-WAA7jPNTH5MKJ1zAq86pceVPPjhqDdkkYEjPkMmnRPx26i-QDWx-aqwBRPIk0uzVyOGWHLh2mdcqV0dSU66auqiNU-FlPUHJF7LgHt-bcOeDY5mWwUt_LXzFMWNI1Ik7-j0KLhKy3cb8kFltrHKJZeXA_4DijvozdhvcARRip7ZL7nB_xHkhk592RGOwzQIjOhQ15EqJr0vDBw_5uKxUPH9gFsLmj0jW39hwkHTWcC-odNzT2_sGJi0uXHVa-68VcLQjtAMAf-GSfV0fsuEFPsSYWIVJAtdSClOG8TA4mMxIA7qB88GdgmoIyF8eV4lH6YILWxlRyU-KIqPsi1QUDOg7566M-55Z6qNyFrIVVDyMckp81o6viOCOV3h6JIB8tVe5H68MoFT6888kKXntQ2V3TS_n1-4Xp0CB2fFvUcn-YXdwD8YkaGpP9sRcdp9s_PS7iSsbMlWNP0HC9fkGJsS7Pw9aftqfG3Go4VTQ02NhuuReNIpK_S9Dcbo_Tgyg85L6T1YF-ZHOZJS1mGBZlC3pBS1Daj2RDAkLOaguRxNKOfUS48eiDk6rsX96_YDMB-QpicnUJILpNmktPgH_7pcjYcaT4OspZCsQOtd01JjyR-KhVZFIjG-XViaexjkTsVW1IrGXdT_czv6G_eL2Ijdngh7lMoBYoyswbuZQE2Crjcm2iRnOBaSKchoyW-kzKrkixPbANKuGgyWDg916fqE2mzVq6mCUW_MmIdBd3ZHVpoUjYtuKwNrdhJixsjVSC57NlyIoTqywrMyYPxxleY3jVcZLptcMAJJSYEa-Li1bLxPhfWwOvei3zf_2rDM1uD17mroKeVKvAuE13drRApaD9WKgIwS9wCf_kDLnoEEXt25PnUpYtmmkPgg7yq727pbTiR3Hr2zS-F1yyu_SH_VHnBqW5VLOLbbXXjnFESWbG64jzT3t-ADZqu62ThupZLHC_JGtk1jaMiZ03wG7blDJJC_UF9izpg1OGeCtd4MX0whpq91zWKLZVO6QDuP8KDcuHO-MnmOpPXFSmw9kInRfB2D2zjN_Tj66lcAaM4aPyzyBncFtQgHeXeLgLCAyOcWkpq9JXM8X2QcZIgE9wXFb_hfMhIQ23eoG5Yurcf9XPoxgrCJ0ykKiE9DbzlkFWDxPGfI8ED0P8YCEaT8tquW3LJAdzBYK5kjpBn_r0CYsRaJLx_AT_IS4wNNz4Kes0L60zz9-KFxQxdmeZRoSen3IXXZska_BFESL3fWfXAMi5KePrIc1gRFEQGNSqHE6GWPULegdscab6VjGBHKqP6vLOMFJ1C5j0LBOUa6-2m2xvNyuxXGas2JTutZZ9Re0uW6xYR2rjvod-2wjw_Jefs_18YQKhdRY-DqeKXkM1qY3ZGxdoqc43JUNvYayBiRQwi_tSQLhEYZpgFzX8ITnz46UWu4sFsgFrt6BrJSY0oqpiPrQ_kLK3jD74DB2rBX-K13I9rHBUV-JMAo1j0Ovj5m0z510U1nbWct1VxqpnxvyLZrctODibNMF3MZRaRolw-7PcTF8i4GHl0XpZy-MdARn6qSHFom1WJFWHrYkhOt8E7HfzMjkR0TFqhfeGx7vk2elhh4Ex_Q6-EUy2jWNRDQJ9HuaxOnfzkLr8DzHqlpEdnPoCdOIVbtr0RD_b1VaZ6yOR5eMXEp4AivMwF8KvctW0tMw94Xu1MtxmSNJjj-LN0Eloe4Ozt1wNqR1AbKY-E12RhNQknOy4IVoRmCFPjl_hLjKAUwcRvaB4a75ybkBG1eG9SlP6spjWdMRPUOz6XcgmWUiQ59QlNSivSpbTqBemACBrhZgYZHfvb8SROv22TtQxn2rCPHbx1XF012CPJvBPxIyHKnm2ma4TuYFom-0FNUfuSHcOrXuEslUnbmQ7Y4FR_HV-ffh1XF3fmfv1iW4DsQ0tOcod0ZqgVYw_FH_iQVQW7mhhM1KHdTNKs866oGMQ5M5k_tWTCLMOucHJWb_1CugYSUFAzjqbiSgJUxJOWNOtnvi4U2fXLtgmw1ieKWKKCCsIlbvbInjsUwF8_DM3gByVXEw&cid=CAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=13049535889327150000&adk=2086295848&idt=209&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84073b5372c7a069e61cbf9deb72a65977e33976fc6a4e7856680585516f98cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13623
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5667311343560&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5667311343560&version=m202309260101&ct=77&x=1&cor=1565099126655631000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 98AB 		19 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhphIqx-tMpjqSzg5roBDcH9r3blCC12otvU8wMTCrLnMPYnS7cErX3yqA05pgflcNjYkNzgl6nXKU33WAhzTXme7YgwQbS0QXgP4yl8GEGkbFUFwSYs3lv8b82eAj6WU6ZKqm08-ZOWng3eNzxxwDwIKMl-zF58CEYL4JkkUNPCdlsIg&cry=1&dbm_d=AKAmf-DHWjT-R-13fzIRfqH8Ingm6YNpaMcy56kNsiaGhZ7H-9kuQUPdgssw-R12ZhXqoCGYI0QOeoT672Y0yrQR5eBPa2R_xFqStFe4vgFuEci2tYsWRI-4Pj3xnT2AqqluXJP2vtvOmtivIg0RREqxtkatujjDWEvnSm8UMcGabvt8AnFKj4T2UHOi5I0tAFtbHEJfgqygF7Mpz7VgSU2osCzATUYEmBqhKILWvX4NcrmHTglxyW1ctLMsodVZCh0Q5FcoMZuUhSEmHH67A42R2tPHGhz20NyKYBMCGucKljFlo8JR2908ZLIQ8oca3EpbNIlitWi8XVbB4V_HUHgu92anP7_Hb221_LT4gx68yPtKVIINmpuFfgkwRx37m3y1NCMr9PWRvqIKdTD7kNyA3Ojw9pCVP3Pv3cxqrcjMaSqWeeTQDdCFUK7Cpur1ds6cnb3HaZob2d6JuHHcUY0pMXAvo1qaBliAGnFabQ5yGhCwpJ4GB6OhHNPEuqsWTGOjKALZZAqrjK7pCuwxrrjmoVdoZLKd985t3_ZHlqX9jFZdLo9vwFegLC8gGN__MZEwE9XMrKKCHtTBjjqgLDk2vL8cxYeMOXdzgg-R9AW0G--7XBnWotoiCg5XOnqGDzpNZWHsYemmGvowzHIOOOt3T0h52lCp6tP9xkfHmCrmlb_kMxN4KpArxTpYlVmrOSFH5pfK6K07aNasOK4AuxvSTWrK6kOarhD-qImdyQ0SBMCMLot8x8VJks-D02-wCSfd0H3AUVlYTGflBkJdZNh6S9XI9cvjdvfbPw1NsPKmPxjCwofAqt0k7X5fpyMSgCUTye0nYguPnn8yKdDAWjiKgj4gth2Hh-F7Eak02cFlEcJ-ClX10eozvV29V0Bp_sKR4uNHD8h1aYKfi9X1F65GTsyoqd3PJM9Knft8MMKhBEY4bG7z9KVcQHxlzLXpeX4bs68x0F7QAtPghuBa2uW1cKFznaaP2xwI3EvvTle6NRQBeKFewPeC3e-N0LVxOs6lqIVekHBa1Nt4h-I_w9A4b105PEjNHE-jhBVXASDnD_SvIvsCYFVoBmVHgRGwTd07s2irQ-iCQ43v9ZUQ9JRD9Z2Ul1FfuAaIP372s950egqYQ3nOLYZR8JtEQL5v8h7JA7ZCiZLFj3dplwzvgY4vkVdH6b4zpIqDUxmwSqjb--60JofY_VvJifxJ4Y5HNITRM9NthWy8O9UKwOBBe-BfGfZdIbP-rGI6lrXWhxbkiXMOVLlvaq683-Rcr_o0FCPVMUfpuPrA6LlKxmiEKHze28ILU3GUiiXtlJEc5x5HaCHZm4yCZPTsiSUZtNdmdH3x4r2UOCH7qnoBqjH_jjtuQO2iEtjG29Am60L2Oc153_61SNNErLOBvDeNic7eJrsWlh8o6LCCIHWSwpq7vlGowQAlG0MBE1nrRMygiwNep9tDxvFJ8qhP5Np9qmekUCe5rEc6wOLJwo5EEDVh1hqjs99cRZwubv7VdN0AnF1Mf7vbj6YIHOKGRfPmkeRs-2yJ1G3jaNRN0l3r0i4ewjL19cKzSPHSDAiuzCdZVK0lW-waEzP66sKTqYcOtM-eB-eiAhvNYmzgxo6zWI6o4wRZcYPUx_FOhQ3qb-y1EGaFsLMcgFMwvdHxfzMH8IOt3XSNYRVWNZMoCO-RQRO5bsl_dIUcJ-nd4aGqXcKKZZ1zoQ09GudgupTcUOSLTNUFLMnTC9rOz6WqL3Ax7-7ejfWr4aeKRo7hNyrpYj9rdVzhYhGnMiqHhqGGVO50YjyMsZYGnXi084YiQNzmi0lpRgXY21CEhDsypN5euBTUBbczWr0FsnCjbn9tu_9st5O4UwJ_wn4yOCWVi5fyXD3BkAQ0jgco_2lvM-nGH7ivVlt6IwDjMXlNTdfY7nnrMfCIRX-O9VzH4m-MK4AbmD5uvFMEztQl0dZnyCIZ2fiXR-vW4YRJoXa1c6zViaMC6N4wOdS6S4kqlCxrjs1TGhhPjbhYeW_0-UbMyvbp9z1ny-6Wb6bjYXQ8ZCBNG9KxGcwL83GoZFfy_PDJMKiy4kIO22XVxytmzfriWALZXjiiHKYj-Z8KUE_OyzUZSOfXScnnpzCvyJLsHYXeW5XG_Fmf0qGLwSIxzDTwIrNtC46AQPc4rt93Q2qA5bDr-Qg79vlAZ4rpIpEnaHJlUQ6eeZtCxs70mua7a_meoH6GiGs2TLja724FCZYycsCz7MWZYIi4O0-S_8S7SYkdIAhjBJB4WdyY9P14CRnyhlsIq61mZj1gJBp_-XgTljki-f3KZXbyqgTNLfOQ9YJaC5DNke76E9n3jHia_QK6k8bekgDALvrdjprMDs4eKj8Oa9IgjnUlUqx6J5U1I2H6MTYZXjiihw8dfB5jbPNNZmK4duag1SVbeV6MNUlwdQNBTPhQKuy_xXrei1f2r8Ne_WbWubARguEheZMDTIXdC7bLwsFm0NMumz0YG5UfntjtYLwaMsdc_PdrTtB8_G1sgQVsmXgbuzmFAKVNcdffzdVjPUxu6KQPoOIVgQ3H3TYyIm6_qKOBKUQkz1I2_wy2RHThe3HUA67SYn9iTkH6p_95qim0OnGBVcgYqD7JonRARroT1q4zi9GARDow0tUBmL41I5Z3gtpR6eazKOLM7SCuFdzq4OSRXlD7M4yib4T3_NMOG-fIm5QHl7JGFdjfqCJoaMwDtV4GcC-nfB6YgkZML1f1WIB2O9pYeMXW_y-1Ue7IAz2d9IkQWEyWXJm72HSrLKoj-4P1IR-PU0E25-lehbDVY1sVZ8IFoYJfeCVE33ML7uI67-rPegggGm3nHKCxpff--wCt8CM47-68kFfhavBIWljt3NlaqsS3OCaCtbiwULKhru_a_gL62JNZRW0Gs0W6_Wr_u8WSDoQL5rb0PeHiJmJ9Qkk8SxUFsEiqgPsYtpGv_gyQWoC0nWjFl0ruNb96zInOutdFjMzVCT-T788n6Qfnb5BQj-ufg3LtcHaJ-aUrAhDhWmJCYDZl8k6aDpELVf4oDCrzbc-4GlEE7zQjbn7fvlxipWWfqYOnJ6wanOlyhjYq4HR2j5tD2AjURq8HA8ekMV5AMILiqCImpwQHVh5jlQxyOm2cvP5DvGZjTvXeZzP2KRf98iePAF0X70H91-zYiOADimzS9ngFE1SVD-ic6jh_3ItUpy0PtR_R4Y5Ech3LTf6hedCzDCt8Bzh5Ko-ife5viD6B_Yn4-PfYvNh2kKf3MPAy-lVJsf6h1v6Lnp6QDQW22w8SQ5qq2uo3BPjaPtPGdR7wpb31uoSH5ERUQoWfMkGp-VeCoQw2qaIweBXdT6A1yQ4jaJAtrOtqMYq6UKX8xU-EL7CAYUNegEAVscaAAELukggKa7Vfuk4ozd0jiz_jiyg9sYRff3YfNG1MTduXIxCOSty21EMX6caMb1j_bWpbNO_KMBH6ES9eB5wJZ7nlY_nIGLZ9g_eR_e-jmDgd8B03KNeQ1mZaT_7M_i-NUMexGoOrpoCKP9c6zIguJNvloeegT2_JvpXZZFIOgkWCTC3V6pn38R2Rz_UFwSQhFogLMfHoB0lidkxio2kJmaVbiEAsfE7EopSb4bQhXzBnWHNC9Sg0aSRS_wZb2pFU4EpQmomTmSZrjUcjUb06rBBhPYojGATYT1BBtQdr2EjSWmeW5yEEcQtrg3PW3gKU6zWvklwgPuX1oyGAGaLBmXvaUUSPQnO0otYGil7jTK7ezAAwEg&cid=CAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=1565099126655631000&adk=1877897942&idt=119&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18a884b21bb19d3941bf7b5c75e3bb10e145e807463d8e1735e6151adda7933c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E28E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY7mhybbtpKYCSJQKsqgKjj7oAY2ay8n3HM-poZEUvMqOXJS5gNTRs2qAQuhGBcDWA_w8BYiTdLlqWmwlXtNQnE5H3PS4EohFP9TVMMVugczK0ieyRY3gvs251A9RCQws_3lrKtRNXiCXI5hRhUJ5KCVAC1h5kEjmkGStIt_HQQl5WSSQ&cry=1&dbm_d=AKAmf-CjMy9ywpeiuGMOHRsVwIbCX1LCtsM1eQM77-4zLKaalPHNaKMa3FpSMKyH__KvUbzm7LxeAc7eEkTS2bMNKhqRQVFotFYmfmI2cehcE7Q8iuWy1ZIhg3bvrT6-4s8Nli08N-Ldp670iuTF3Kq5KjYVlDmNURvskeUcHXX4fp2faPH_cV1WzUiY4JFigTMe69B6dX7v3FId3fQmUT8ygP2fq0bp-HzjZXhRyfg1SE9ncE2kUC3qFxzg0apo64nHESN3DwyAFv8blxhEXpIFxaA4JS2C1s4xUBalP-2HEYum9DlB7kO22YlFco7uTGxLTLXmAZ_ceJhnedhD-Wtq29Isx3lp6TqZfG0tJ2qBrbcyXNBSH5y4QZ4O-lGZILbp8KkU3Xw_d_C2A1-R5Q3LaQSVhK2uPOvE2Te6T2rKaj0X8afAePmUcfPplHtQaqnLLQyurp0qRzUjQVwhV1MdtU1mmZik7vtZPTWpgo6xC9upC5GSQDfdhx-wm-9zDrwE-Mk29XeLwIGpuX1pBRlGrpNHTebBR_m6CzYI_69dvdNwKy4h6o11Mivcv6yf_avv3A9xq0r9Um0o5whb03hq85iJQWMzJsqx0L5spUl3ToDhLtLHmjUo9VfDbntN845UjQPlXIEHiJBKhBBCKzfCuTJDqw6yArm80Rr4pEsNpV-33guqYTJXdKEkYvQq7yDMEelzL4KyhIJU1TSV76A8gyUO_afjfAqdyQ4PhL8ysJWKXt-sE9YLO2lSCO1ecr8k2wBvGYtC_BlIJIDV2SZmMW-nEGD9b_07DANA86Q3o_auvoFlEn-z7oavRMo9S2Pr9fcYSdgNinsc2eieg9coU6COoZyoSwjDOjiRSNc48duaTZUbnruyKNjd2W1cHUBo1SM1WnokYUOHaP3cMs12YHLZUrT5N4Y3yvRbGOCnxfX0Qad4hSTwh9za7zFl4ZEY8UCy6zbP60YO7tbYu-d2vxZHKQj1K-4IC4griNky8QSE2xVNoyCJXilrM7_qCm0BfGdmZQJGrenT8bB8AGz2yWR2qFG2tjeXRzDjI7x_Y4-b-ALkFm45e4K4u0DeCWDhL9EPMNHc9FfK5b7LsX0O_5iTdofb4Mh0RL79W5f4LnwolYdMU0QUDN8Cjy4-ddJ0cH8j0KzyeuHNG8GkzqN8h2BxMQ3giqeTokP8t2YL2vEPqFOhDgPRm_FRNSWJCdw1VTUnNHeslSRMVWBVmIXf7qVKFVFy-bSEM-WVwUkJLuodQgKzOsd_xYf_Kn6n-iYn8rj47rvpQ3n5jUjqmgCv83rDUAl1g0eJlwjy1z3MPTzQwfqHnXd_LctXhPrHCPinVmiVf00IsTVLirqxwC-l1KF-oHwHcDuJtqdSx2YvyaNFT_LiTMGpIMuYlGzqh0hTkjuhcgSMp4YUIDs9p9KmcoH8HRgAnlpK6attbLsYeYNmTmxIwkM_2ZZLSDxYTNTsLkbUp3DZ5nRemeT4Ik4K9_t_eFLon39SQYfq5tVRUNxMxEyITeVOspzFE_FB5NyEtofg8-Tt6oAr9fvN8aD2AhlEf8XKIwFWlwJ7-dvNGk6wu8l7Ifl9sePpI9KHkg6PyLaPr-q1ZV-L9z3s0MYA4SybSlqonAhQTUR33pZFqM9EETyrMBBAZ1WlZvQAG5ER9S74hgyXbKI2qN77AovyqtO3bE1hmJrw3Fh3Shvwh_Rs8MiwNj1W97swQSzw2rTexK1L56vkApbqN3HdacIt8zw58ppbxShfnWFA9JGQnGvHcvNFYyMcsXSKM-Vj8jqGbDqlU6tczHL7kOFCxX1bclw4wToTb-G3oHtbyEiZUIddOikRL9mG38m5n_8DjSJZld0L8naFpknKLdtna-eRimCdCq1jjWq6l8ezf1x-BvbU5ciishtCo3QKgSvE8WaRQgA98uZzxlxRtUcaIu9VMCT5EJha9EfuYR8GkuFNUiw7LoZsqYHOXtEkw1px2Uf1Yw0MTzM9TVtaswOIqm2z-m-HHlSa_SYs5LnEa5RiWZ3uA_Ea1Wq4puuOZHbfuFoDY5ILLHLABJrmePoC53by12NonVgLVRcs17RtL6qez63lsaOPmnX6f0G1xhVEHkvj3B4KQe8UASMfIFBZRrwkJXWWUqncT2JDx29uaj4dQS9zAPpSDRy_tKVcoZW8SFFmwZ7-9oCV2fJft-qvDTQ5xNQTvCuqCwHaCrTMVslT8S_y4sonrCeAU7cZKZQMm6WmbxIwO5ISTZhj6ydVYF-jgSjQzL-FvdWEYJKLPtjny7WEMIsn4eo3-E92uzNdX_6L9UDFTWbPZ7mOkEp8-PnKEPNbR33tbKFQNDoD-WmL-0SqM0HQrK-mzTj4Gmb6eJWM8jxqjKpI_XL4AknnOGqzeYXXX1nA6P4WtePG2p9pg3LARL9l1HxyBrAK78viRGzEK5_uLP1S20IlboUGzXVmTa5aG5toKfHiVZH1UBIcQeg9l_kmXdXKUlfyK10SNEa8o34BEDSiq2feSe8gRGZh0pGUbphXU2vtKDnTPmNDbHhsSPpULpBOtUkP0Nh5Q-BZxRdMpeAuBDFzv0iILFdk-80G9McQ4pvfn5raKJva1SfGOmUy8XvQ4KJIPE_55MJa5RBDjpE5TqMe9LcsD1A9RAofyexdy369zMw34bMvtLoC24Qn29DXIyu0kKc6lUzkK99WbRL1Ht7QGqk0qlI9o2BLL3PgVgJcpa7_d0g_IGDavhaWK4SV4xBmmEvfaOPpl1HX8d5Q8qj6XvhzYlJIFhlQVQsNhgbHQ6o7za4BKnrIxoD4mhWyQkwXus48ok1WkdNSYFynsvOtyWcGl6SyVZRJ3FVvlwYYfaO2ABvXdbromqtMtInekB7geFEjb48Je8vBJcLoKFjBU1b-Odpr6jfgNMwq8uK38ueweuSjnC7vQOtfcGCW-kkxS2pKl6K0W7cj0CekMWRYCRu_skurQ_qtWXqH5bkjFtI992EGbbSi4wB_6K0TZ8NDihIZccpJtXkKRuKjthg1pnLeVGamyeDyA4ZJ6TLI_2jF8ML4wwvdEuJ_KF05x6I_cGPRa0-5QYB87rvQcg7wGyfDIs4ENBzcM2xuVTGDJF92qFRczNvZNhLh4_mkG-6YKkrHHpfBcbMZ7G3VW4_8nca_mq17k0OQD4ITvNJ8dphALaDjzKFl97iZeYOGuhiAcg2P3XHAFYQpb7fzInWfNy3bN0nwuTuxDZg4-oYu4zNsjBVKBia9iHTHtjw_7PdqZoWWplaHvsqbP8FNiONCZJMhdS3hqqwdWcWWjDjYFH8fCPNBNbov0UZNX9lDi6MRnXO_j04DKB__zqbNGOvteq-IhwCs8OWtG1C5gE2DUuK-Nl8Ts0EwZMpY9QvP0s4wDKu9ji9fxjVH-NZzNtLzAfbEc7eqgD_rcYnyPpmQhQsfZU51Zd1vEhwaTgLM_BtDYu7idTIezuBUcRVbEdAqValPmGNJuu-_185LsQXkkhHykts4iqJFcorrdZr2Xm4XNQOC9FJmkARV_IbGSc1fpYWM-vu2YWfHNqpq0jl5EzqeIkGylNBD7HzYX8C2b3YStSsTwBxeuUttF1NHdaIyFS2-iGLbgJwBxlSS2_jtV9J3lX0pTRM9xYChYnSkMqOKQzHdlUVlytcM5bdqln09UHY8PEiZGGoD9L6iAwNeiqPgjeBa9sh3NMzakqM&cid=CAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=14469729380696943000&adk=3047537734&idt=84&cac=0&dtd=49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDAxNjU4MQogIHNlcnZlcl9pcDogMTM0MDU0NTMzCiAgcHJvY2Vzc19pZDogMjI5ODkxMDQ4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame E28E 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDAxNjU4MQogIHNlcnZlcl9pcDogMTM0MDU0NTMzCiAgcHJvY2Vzc19pZDogMjI5ODkxMDQ4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNTA3NDM4Mjc0MTk2NzU0NDgwOQpkZWJ1Z19rZXk6IDU3OTcxNjUwMTMyMzg2NTY2ODEKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTEyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxNTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc5MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x9cf023a5d5e026770000000000000000"},"debug_key":"5797165013238656681","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"15074382741967544809"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F050 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwWfNywZ-3Ixm3q1sSfhVynKvtWyEnwk-BlkHixTCLzqs7lBsTx5o3QLB8JahVKVnOweewv8GMXYjI21pbFCmQCqvzsJSwMTRXo6zlv5OD4Hx44NN7EqQI22oIZ5EAIcYYXuo6TvGiW46thGZeuHZHnkox&sai=AMfl-YSQDTBAebwNXChSiF5A3O5wiv3QHJCZJ-GRRbC8_Fuy3Mbud6f0OWSNwG5_qUR1CSZOi4Tmw9ali0WWF4VYKWYhcca0_f77MSyKGgvJhSzYFi3nwKxpVhzrCI3X_A6XncCW6FmJk0bT-4vnY2DN7g&sig=Cg0ArKJSzJFrjCe54LVTEAE&cid=CAQSTwAvHhf_gkmGYSSwlbVIjgoRQKrU2bveWAeU1pYQMQTqUqeONS4Fofp5lZ-yrQodqGX593MBoqVQZIVlj9eo1ZTQI5i6wKh2OiyQfnq0vjwYAQ&id=lidar2&mcvt=1075&p=0,0,280,1200&mtos=1075,1075,1075,1075,1075&tos=1075,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=927568129&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705052732114&rpt=977&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8343267435364&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8343267435364&version=m202309260101&ct=77&x=1&cor=4376031596484057000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C9B4 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQNY3OGVw421PZVyB_6y4hQIAfV1Ld5OVYlLcerOF61DJagafd5z9FSnjONzY3Wz5vqRy7O1v2uh_JJbIll1Nc-nfWKubkL8bv34-r3kWAieq3b7649feTrD4HHocmknlrcjWjsKtnvPOiiqgkNr9HWmRxtadTUV3Q1qDLrzOXa-_6Q3o&cry=1&dbm_d=AKAmf-Dw83Jcjf6vlbgdx8foF0C614YoM9hy9SkxywI0AZ6RoWWhNWjAWZJxrI3-RxFkx4mGYVOKMyLr_fgGyoiWPLtENoEqYpFu2gFx_ZQ4Gfkj5SQRk3gu3rHpgELzvpfc_i002JLKTHDWonwiK7pfyXwGup1d2SddMpqsj8Z70wQfghiXPAW9D1q8fDuLM_yep90AD-z_QcnC19ATN82uE3_5aWiUwAXTkp-UA7YvW_2ukztItDOITVynELFn9C6tFLJkR1_qZgVPZSzkxJ5hphafjciCmnaVPCXCbS1OcudsQQ7KNcUBw_79-7HtPcWKpJM9LR6peezj3NvUxSE-Me4nkxZd2PZhEoHG3-KYWr2fcIYy94MRwTo2ePwEfQyAIIMVK60KAb4RCCBzNXJ2dCktsFqhctHDybfuTBwySDyVTnWnBsNBd3PslWJN43Nj1QQ63XgZgb_4rSy295xulbixqvSGSjATA4VYZXeRL9kKVOfU3VPxA2rkeU1VZLpfbWx10WpdJPHXZCMi0Dd4UEApSKItnWtVGjAcpgx1LBpWuQdl1ST0H1UMxMPjt4hruhC6EcWlarRQ3WiieeYfZMZbEzOmrrHWchS-bndXjXC9z1rsclkl_pmDJg3He4D8agYP-qSuNpgm-3Gb-qXrQ7jWkrP9p8YDhW4FC9D9SIFg3tN7d3YAV4O2C7gJsHeBcyPsEjj3JxneYXKZA8VB8sDsPMKtg0g17xxGZnWEOfun1BZVWlq6Vm-V_t2JA0Tzl7R4HZ4jJh5MiNO2pH35SOOfznHksGY4SPgs76YgjjtGpBq9fCTi0Ty-y12mPb_nMRaueS_9SGkG4LM2pE8zQPFyhjnjwjdKJ1dqQWtgCQmZ0Mb3NcvTql611cHBtnmQ6UIG6LTV6AQy8E3hAIuKSOHTNWtmpekmVAa5adeUSR6e5Ii5VA8SzEQlKPA4u9pXp27h3t11h-juhnmP-c2xe5xWPlv9lTzK5Wwv1DiZyvb4itq1kIcFGhnBD8TIOPsHf6wsLp6Xer2wYMP_HKIj8PhqbPce2hV2U1pmW3dl4gSkX9yIJe5byEjpR2UJnLU0R21juQhO5yacKZE4_e4bgJE_KVr6_rmoUBDbNmCopPPI-WR470myA_cb4M-xP9Be0eeW9kmCziHtz463Pfeg8gPUJz9F3B-TlchghtBSGYLEEGF9iCHFYinHr0qyf7h-llZPwESknS6bAdw9p1Jsw0tRG8vnjttpuuPh3S2zS1SbsrcWXkHw_7YXjnfrf9hvjCYKd95EcOrj5t-yazBMx3rvyxfWZvCxB0-D69t5RZm9BYkH2nSw-TGsV5Ewyih_UpgPpQ97voiy1jdHhsmx2xYrYNmtXH-D2SKJEEF581VPtaDNzSLX80kHq5Zh-WWR9aSS07N4P3zGCJoPNLMTywk_kbG9PF4qKiTtv0V35F2tljhAwxKRygH37eouVeaOWM6T60cy1QP55uL7hfOOEePpVVy9rWXyZMlmXGpeYYt2g_MK0QCVx_-ba--w7OWfRQN-nG66C0ZlvSqFMUHHDhXg8NBMSopE4t-mNviFXtavy5TAfYg88DP8olmp9AjhqeF_ZAmyP7ltgsYE0fdfTQE0_mMJDRW8EA4zNU8smwRUZXHCm0BbqXze0Qzd5WkA2up53ASGyO1uYToIwHEAVULxvbRGZxNcV-grmwaCwykVZAYneCuzE3hpRftcu93eFsBxofWeXgnHpu3RkMGLbRSnjUxSEWSkIZAvs-ee9clKQCafGzJesOJACxGU_5IBWda_vByRAzzWyO4uZ4baOx_jmqAv61zW4-EuwxRukmeVv8jqpk7uu35Vwjgr6nV28z9qNXxX5zrMS9pz82wkcbJlD_UcfYeHR-JOuDTTH15eWYWMMYgePaRr7kFgUlpYiPjxEQuAqAPDRxO3J4gyIxHyjV83ek5cRTQFRpmPcF6fcMXO3jKfa3PGR7tco7TMEriF7d1jYHEiRzylzXWQg7zMAg_MLYU0Rtr69ThwaMSNQD9r3lcrQVTf4W9IBF8kKgJYbzxbLdacTjaSBY0IjHlZPMKKDEtIUx51BP7pEy3racZMSsUzAv9Q_pETRTjVO2fwxKn_a_XbAOzaKPX831HUUzJlj5POKO41ppb_EmTVFECGbw9i8q7dF2vS3JWfdSau20F6Rm1YAJuX9kUc3ZGcVEiqKfW_syvIuR8z5UAHbLdfiD_aUk9ICiZqlRUXJgAL7ibPRm1PlQdM4IkLTtjaI91-jsqNDHPeRooOBDEFZH_fJhCKmdBr4sP5Fbaq4jgr1I_qWwsOWWntnq4Pky1SfgN1jLoaXyB-zye2e-GFHohd9Bi05MSjXWsrbLCaqgLgliroq5XW6okFaFfw7cRk1lQZ9SkowHoxiPO_lsJ3XxtFZbdQZ38JfLRxApbTtPMNvNYx-vdpb8_B_DNLSPRFLuc6ohabVWD7kwk6IvSi2NRIv7-SH0YAyYrCAjauRZv_rwrw-kgpC4khnyZXzMVJ-ttnDtWkQbZwXwvM0qwCMJxg2r33D8bqo2DzNN0YI9Ol8OC_ke9HcLKl5uzhr1SYx0elpzmG-rN1Gz7vhrRUWsRNtLQ-cSGyY5CE99HvkBsD5zDfYMLfcq5t6Qj_c-oHLWo0DFMH2fY1MSWXN1hFfTl7Qn7v7PqhkvMvRa9jIfVcFJGNKN6sxvUjT5GfGmgnM1wtz_CZCGqetjE3xShgyJkUkK1HhmHIjA3vwf-_nLsWJCuJc7XwaOfxYLFzkp4V-tfHumjS6s3LR2_w0BRk414XeKwRrygIwbu-hsLYOm1EtQzIPSvBONSBYjNtLIQsGoqMt5qg3zIg4AwtlFK8Z6z9S_Zo0FbeaoYWq8cAWz9en4F2OfllIgCJLoEzsqwgM94_rDAGp-3_swSO5xXXcxTTKhOx1UwUq_SzNKl6oOcn5GYT0dMGWPj6P-Y9_-Cgalf_wNYXbNUh_74rHi34UPV6ucrau97tBUyazahQ5ETebWg43jfio2JALVh7AVEYvj45DLgAfvj5qafPjhqT3w67Zn_ThZaMSSsfeL83rac8MPjJTyEL6eKHR6xyF69MAaBHEsD8_s0vTTMjHs0r8m9nVrRdIu0oUIxiAijlzLP7noplEul3glo8roRoegcWwZ2iXVp8P8Z0unrHpB_wTavUKCAZJ-fGYQ21E3BzWGjfiNHJJJSmnD-ZAz1anMsDCIt1iLkqvx6JgEviG2tA4EIkulpCvqz6KmCF2jOZlZqdsHIXXagpZJuYavmIQlk31AOoJHqjrIqT8jsZnxCbst3FFZR1QssFymA04qA4AaRtIagubbSmTzgJbCEBelERjhEcwMW3baZOdDNWV236nPODoTQ9SV439mTBGdh5KqK0Fg2hPw4h87N0RPnFV19DucDEsRRaPFaCXGiWjv2_u5mUylM0e2E4XbezjhmWzSNYctvPqI8Wy3oqy7y0Lqf1CCNYgt3eFSx_RZfqj8_2ZF3gCkP5DfkKhq-ntIgUxia8U_WBBENnnb6G0eq2n-cR94qLvutX-e4cO63MHtjn_IfcXMT48ZnevqAgth5DKvfhoUZhn5VP1_Ja74ZYAOn-jcYuyuFKKMQkEtYmHE6K2xGBbXYP5UupGsowBCM2vTw8cXUQN732WYY_4VVtUNhBs_Aw5ZYydU1DizU8xo5TsyGrwO0&cid=CAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=4376031596484057000&adk=3944675603&idt=140&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d9d20f3d64796f5cdd848ad1504f07f5b8edc1cbd345a978182b71b8d8156ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14000
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 9D3C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame E28E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733373412&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
cfc5aaf78147fbaae5ab35215b34e8285ebd37048df88d7d7597ce298b63f44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4146
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame A384 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
29145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 01:39:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C2F6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJeLy_INdFPyMO9Gqzuey202TNSWorOQbsmIpFqnQOdtJgyzzC2yIECjgbQWTb7RaqC9TSc1E1I1BKhNg4xIHBRO7jD3V54kkjFsoN9IfIkUTJoAnEzlm7F6v32Xrp3X0weFw3TNbeisXuMu5JmmFxBs_5TwGlt4zn1F8IGa9XwKv1PZk&cry=1&dbm_d=AKAmf-AD7aYtU3oEdGI_Ugs-GEWVQa-cVg10VgGTml-yugqbiygk6lroaScIGGy_it5i8eCBa7eNOOuGO_-MBfnV7qRsM_k-FAWDNbrdhxRdKr6qM4-9T28seIfynZxoqWeomuGZl8Y2mJt3oKUwdIKg-YemNHQ-9h5DI3evVAaJgj1kYRKqrC3jG7wyXxmRo3z_CSUW60xsCqCdO1dkirXvEdgd9OCz_mq3gHh_VMF4SO25Tsr1Zf4rxiYKGzQ86KwXJio7thL45tROh6ASkoYMTUn5zh6fmIDZ45gky8wZOcE2JLrZ2jHSYi2wIFXfYJ2GvJ_eSGeMfrbzpv6pJqnU6Wct-Hv7p7t1T6LmWzAU0lyUXAXauxwyU7mP6ZtLjInCYPWQr0ejo0WGuyXoStfGpRE1UjmTgXyB6fWGwFWq-_Leowfs4DmAgavR6Lhp3HEXCqEBz2z-iRwYTErVpErZw0GNh2PUXEQWdnL8sQBNzUc7X0IMbR8rjq__XFzqzXqCuBauxC_YY_Amb-xFirl412tDjn4ShvLE2_ANhYHMDiyAL6TKoK4pXLFp9UIPcGNaYtb6nGgq-dmUKaUClKvTD0kKwDd7XsW4uEhluPzgjydp9g7K8ZyD73WyE6i30S5Wp1ZqobyYf0-WDgVCcUTQkM5qG-4vU0mTjm7wWBn3GsRj974hSl7eUEkFnSDz1ROOBluaer_-Z6swWDwQ155tVRrUl42Tk_IoR2unjix3rJMC35LkfvtxNInBrhUqlPJkQ3EYnVNmBsvlLnwVA5Whj-MY3UcKj9JILyhbxhpATLhUgHV4KqEA8atfaC7WBfGezxJFrxhvCXsTTsThTMkigczconmREZaoS_Rf0tyQRuEmvnsLjCk3TRIsa9Z7ejFPHzJ7LRX9hBujSmI3VGKKR8kCChakGkpnWcLE-FMfF_0BMe4_N3eMSO_0tWvo-UN_NlTSUxeF5ZWWO9AbZVdieC561eGVq17O-5GXhQ5YWIz6mKcUR6-dt3Ya1w6IFy9zYLFtTCKjk56W1I1Qf06CvMcq5P935m6n2K4xGDJ4WE9w3vImIFqppwL9PGgGcTENXcomBSM00CBmUEseQZf_9zilNi2ytbN39kscamNpqvlO0YMi3IuTeWfuHuWf8hIK9jBaFVISXpvqSCXJKGC38dxs1uMLPG1uiWU_6FwrHB0API3McOBWgM8mVLJN56SG3bUxArjjdCXpvehab8BAnurrWejJVdV6QqU3MvItDEWSDOZIyjo4XQods08oN99lb3qS_8Ftp4WTPSbQ2IJC1zZAWqTwNJOrKBMEnwgr5oVXe3zLKvbYoQGH6d1140yQoHAw9WvCVuitlha88Y9F39eHt9XN2mnvAz7R6UqkynNeEDmgYI1teuWcDAx3Y-SMCl1LHOqgbl4AupGbpCTFC8pV3uVvXs4ltKoPQ8htX5a0ninxAgdHVzC91fkPLfnILklr42-h-zR3Q8Mex3U8pw6jkYOQxrSNY57YIzX4i4A0lkeSqrsFyBCYQWyyvS7Vgg53tPlDnCXBnkUx1NsgvJURdkbQ-cmmpgHmlL6-Ts3Ue6sWg6CwDTexNIJ0UzSlA2xlP3Gne9xDT9uqK7xZtP0wMHnm2rZh0VJpDq9BElTSLf7Wx65hUE-4IMvFjJBBKuThP5mdwCYPDBupi_loQWQW2OF078n_8gXXWRRbe1wgDwmw6eBHlyCqnGv9zvoL3bbXbjBO54bNec7ciq3CGliasi5ABL0jGbCQavXwb3ARGVlCE0vKs_0yMgHGMSsXu4rBd3CCBPSqoDSEECE2ATS_AjBiJifGXwJicyzkCo10M1S8LThQ4rrgwfAFwU6RtpojJ0Hrb0y3fIRwN-ePfszRBOvLFzfT3V54uONXxo4Z0FlrAK1zm0N0gWTTZ_treHxd5IieMw__K9CzFNliTsKBCFTlYXJgbm0G0NPl9AdiYYWTqaP-5EE9cWY8w9zakP3QawxAQXD85t3c9K2rG6dTVaTak2DujIzJAREl_ZHXG5qvU4HzfAiTJFRNhF11lPCEZfL9PyIf3Uh5y5wb0q3RufDjN_K0nLLifqQboChmUMNxfmxVBUGLI4RIC4iyMKfuWe92bq-22jSmSG0gwEARnJW-_8PzEYr99bTB18_ROLe6wbYxo3KRP0MkMcu5HV5iZ0RnaygGdrVZGWJp9L4u7-Hw1fON4lDLfM6StmRiPCEq3W5RBdq6LgEdqZAQcgfeenX2V5L9_hLRsgBuTRn83UBpxygjhFnacmZSuKvs2jvIIMKtXRm4HZJfufIBUvREoy9GdG3fItb08pZMU4dRxFH58X3rF8xjNC0kW652pMGXs9sMOvJPnJeuZ7JqIdeXXUjVxnLNo9aCg5h5zeAIihwsmJOrnuzUKplYeG03A0A04tPIaguXh4gVsbB4GenNVotJ0ZmKQOtl6G9L28haRjaChXWc1yN9AGAMLq1tk_prkSSTtb4z-JJgVvrXoWmXVgucCOq2JpeeUEokRczGE3bfNDFwBW-cHilmuo8aUNg5aqf3PTAPynqqlauGOjjU50NeIEOKHjJ_ho9k126fw-MKT0HKxbaLOXLeqIDrMxLVZusuJy80CvhgjZug7jgWI_R2t6VETVzyWBmXbHRINzueAguhg1uMkHPj6c3ejKSK5Y376H8ldujYioIITF71P7mj6Vl3gPtKX34zDuY9ZVinHHy0XmNKQmRkie9RcFYZ339lSHxXjbd3IPVLPE3PlcqMkoYlOstcpBHTOmH4Q5ZC_kM4DpSjW8erXBjvFN76hA2CMSUYNQRzM1zoXxYgKFqxIYDRV2uTgDxVCjroNxW4XAZUe542tIJObmyVweBMn7EYiYEtz6EqZxnNT7WK1XRF3G_BW-4gmyGKcXGOpYHhpml1Y8JvImf3BdG7MQsDPCpy-b5dZvloC6X-1iEPSfWxhyvP48-V2uChcKcV_Ur3fy3pnX53dpfzT4xYqXEK7PYgn9Hg5Hwt5lGqUBPzK0OzzCn7QLj0Ov0B_uJ8TRPThbZNdBip7nszR1ooFAShDJ3nQj6WCsNoZ62qmhliGJWWyAbOnHJjokkaN2FfaLG7G8-GO1nc_n5IQCb3W799Vg_YieFdqYzUjEzR1s8F62TvSIwDBUFs2VBGmME82wQyhWUvlTl35WwcGSuv2wjDdMTD9dnCqMSfYqWMg02BRxFoCJXjoma4sodtD2E1pTX_vZw3JgcZacYgrABIRv_IgoVGCuMEKIjgrZ-XPr-NdMXDYwX9gcOvsjTrACaZ3EVZli2ILiJ6pR5RbuW-tnkKMJNqhd1nR3tXEyeo59I-bh1ZYMMPzR38amF5kmth5psuT7UM_PGwQpBWnd2yrzdWHr2QQxho2ZVWenLOXO_8vAQqLUU8l8WeIcjzv_yN33waj1ljffSJLI5JKQnVgXQpxn7Fxe27O2ToIcglueexREzuoZ3mpaQCMpuh-BibRws4YQrc5RLm6mJaJzFzuImHOHppqLKQFR-EPehF1ZsXVufb1CoJ_3S5gDchL4fGdKRUL-hTRVO5cS1HCfsfjQOK0E4GDC_rbxF6UsznXYfNc_M0RwKqP6AiseNkvoFXPPItjFHgk5vZ4jHRISxD73GCuukg4xunSFQ4I4RhnCdz3KkRgZ6Z9B5Ype5M6uakqcGz25V_cxZKf78WWJ5JS-SNQA4&cid=CAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=6023565654924365000&adk=943508964&idt=155&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE1MzI1MAogIHNlcnZlcl9pcDogMTI2MDY0NjI4CiAgcHJvY2Vzc19pZDogMTE1Nzk2OTQ1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame C2F6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE1MzI1MAogIHNlcnZlcl9pcDogMTI2MDY0NjI4CiAgcHJvY2Vzc19pZDogMTE1Nzk2OTQ1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MDA3ODU4MzU1NDQ1NDExNDk0CmRlYnVnX2tleTogMTQzNTgyMzgxNTE0NDg4NDMzNjgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTEyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxNTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc5MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x9cf023a5d5e026770000000000000000"},"debug_key":"14358238151448843368","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8007858355445411494"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FAD6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A92q7hXfU5WotnmTjykf3nyyhY-Upyj1v5Gm7cXrpdrUkHdeTgtKVwhpJmMWH4tdy7YPm2SvAK94wg_fM6ed3zeRcPzwnJVTaxrPZ4CnRZuSo8pCv0HrX__JWn1qfMCBh4sSt9g03UxU2V9xXaQynTOe-1QPJEg5HwICcr52e3zr_7FHY&cry=1&dbm_d=AKAmf-ATm7TiE6eF2i6x96vDonSn4Tx28LsbN_5yK0eR2b9Nx-ISDpjFJxknTTvFz5NcH95G0TQfe4TMjJkOzrQKlp9D89w1K04TLLUDjbDSvz7fMEIXfcxt-vC32DatDTi2G-YcBsls-psz3volRnVn1ubfSugqbigu1_xiRjvcPxdFD0U2or78m7urf5lWMJIGh5sVHC5-wVGkS2-9N8AOPm0wL0QXLUwcFG_nGSnNH7meHxlZ-7RGE6ldIB9bHSOhQ4m9Ep_ITh9kbtSkCGG5I8vBreVSYIc9w1UMPXDD26lAkrPM0Hd7MXjIZFHUJOyQj7kf3blnf10dzQ7-Eu7-wkNsD6p8Sptc0AavoK1nl5xuVuHGRGEsxGyyvFRzNJHC9g1uXICeYr1jYE6e5tr75zBQ5ywDfaIHMr_Irg5eP6EGFTvi2pX9fi2Vjp1c6HnxnFe1XA4nxAKm5xfowuGOhze70aDR9T19eMblEH41rmZbKUQJX866FymyLVUEkIL61-ai0BT338dHSyiLTPkdU5AtavjrK_iWxvqx2LkTBESXFnwugWo-fwFir2ptw4rI1iM6C0p2BrWY_nHoaDVwUR_FPpp0bIqbq-VfrAB2Hk4qo-Z2OV3WdScugpkx5Br5Wy_xvvxlqP8f7eSlGYtL6KmUF6dop3uISerluLmv83Pl0InDjkmNoPvHl0tKqDBH8qdZglhd39zBTtXlKCwOL7vMruQuNCS3jbxBkwtQ8OZZ49P4ahrmaGakBlkYdPcOWzC6ICkn9XBwTha-l6MpgM2SB_PvGGTbzCvZK62_ynYz9aXmv-mEsTJtVUWq7bqywvtUeNy8r4hT0_4yOoJIdQPece32BOAcGwOOWSRxx97j6C4m8JSrS-LZFDkhEsgvU7XFc-aON3NyAXeDXpx1wlSWFdqyo0H1QvqN9xJUv9fz4F6q32DVeFS8Ky0q5rQFq5itVvGh9mcJ3CD0FF5omoG4PY8AUJuenotYbRac1RXfjIMDMZ3Xoi_SkHaRGFywOjCv1gCacTKljx1QokGkYp0WRpZGSM1P1CZiYj7JRPeIWP6yBl2S1dhG7IvvyhLjAsocuEI0mpQN-C5lZlHN6-H94FzdeNwvt2ScLxd7oOz5UOlzmCSRdVVNz1gPi2LvMGnPLLeyV7ZWii8WiZI6vE5kO6BasbgiE_ZxTHgg8H2vM_ubcP0ub5DbnXt5qzKvLqISd9dqtZmDv9C6LD3beyXOroaaPojxYPMwhNyxuUER6rI5JoKyXnWUjRvB3cIPHEUFb_Sw-oldxhmIX7Z3nrbsp9euf8VHkRtmU4xCyBj6U17hPufGEs0jvPUrUHfxE1nYFgPI6bJszozGQ2FEqreNX-iFPx2Xg37ynKb6Ni14dacWbeQpDiBL8ih-FWcbQapulNRmP9Z6KnXmbTsbahlsFFf5hNLRfi3pzsnrVSMlvCFcA_U9CnkLrgZdStJNwhIKJH3iWmRMrBvPn0256sd5NBJ40hG285ZuBpHkJ-O-mAV6dMtVN0XAlK6hbt6uhjeRKUeOKPJDWHqboCaFiyNhxz_cZlw1QljAeGCDwbyBfZqBoZtZW5AR5ljb0cjrdDM_4GbLwyY1Y68HzTQLz1GpzJNZgPWLaMdTao3_lTosyTAIfFKloihDWjjezCjZVDyd6fmvFckKrK3K6lBJCFBBfdsVFwvO4alXw6KXG0msFWJoSC9piO3HUJ5LEOgtQrJwAx6XiW3fbyDNeLP04SVsglXF6VioZov0JIoUmhidmY9xCN4sELXIhodMsy6s_AGzjTX-qE8SENOQe1fIaQYC1oUzbOJF3Qv3qULFrSWytSqZwPu-GgWkiZZ31jpYDdoT1V9iz-u6YrzpyOCD9T0m-AD0xtkLJbQt-wI9tEnD04MvVUa0aGfFmhA9v4V-5EgUSfUWg0HazJRSV3_8J0kb-Z7aTZS9pf6oHVppAGnDEkIqu-3pwYY5cjZU5RKMXIHCEkkgsU4XQaS6IiWcpLtqfm2reykQtlot4c8OedXdPd2VNmxLq4jiYNrYrk91wgkL_cyw7e5szQOAal0x8VXp050fc935NeC3RNxlKr1yviZNhHcBLMtl6ZgZKp3cDmDDs6TXhpMCxKk22oRRJpd7N_kd3ydG3NMjIVO281dNUMXrMU0xk5iZnze9Ud1MNs2Kn0pvsVLOhVuqaobcIhY8bJlp2FUECih3VSLgXh2yTiOMexnvA0x2dwd9iw8hDBiJXn-REzuxbboKTStz5NXhqb-lLznFo-D3UA8tGCO23gaUiBsBNpLykEWAeGsj_wYpM9WY_GrYhRSDAh472kkogsdOpHGOSxsqKY5hvxDJw5aTqPWN0ZxSBA5SsXXEK8S9JM4Z7tQMe6MiDGpKBmjvjBRA6OvjcfvGlsfUkmqMr0uaZJo0ZxZhy2J1GAOtA5UyRfyn6iPv2QDng4fFL0WE66J2gmhDY1VkSxu55N5NNsKIC9o6B6cBE2-UFY5AtvDJavZFLmbmkARr09rBffT2Ff1R-gCSYvJM4_5xJ7P_LEkwMV9vYZPriO_rvr5LFafwz-1rdWDlEf_33JZcyiscl-3Xmo7RVWIYevgogjIN6bT1C-nSoG6vtQYVftPil_nox2argr8KFQtgiIcN3I1Fr2L1pDsPUa7B-zHJ3ppYJ3MOHFH5ZtB4xGCS6Zmw2Aqj9NqlCRT2Cm-DoGCmvbj4y7RIrrWfGJXBpri4JArnBVO0VsY5Z3QUY32NHA764j4bktUG5UKXTzyO_qRf5OCeLI7yodr8v880hh9SaOysTlyV47b78WEmyVJatItQnn2Mk6u3IsUs3lH5ldijUDxex_SLnDvyuWXssB92VALkdTK1KwPWrpZo-L50XCm4prjp_I7gukSTCA5ifSTf5dFJsjq-q1cwLiJ_g3qXUuPGj2KXw0bJRgWKth_KxDKl4GdOAEDJljhhQ2HimAK7ia_6B85gTYnNCDuc2tgbVvJcOPXnWtN5Z1a5MEQQKhpXRYG45_EZRNag6vXwrh7EJ-O7CqXx66ar4nhLvACj8XDTUg5pVb5QCsnFwjlPj0C8PIThHBScNpV94bOTw_kbSeE4mQ2Tr5w8Qz10l3onIqtaf9t3AJ7VahG31EK3wOB7quwYXzRfj-TRhjx9MLHTvvq_z_Zh5uN0F_chMEzxSrBc2dtqWrHgCbHRHT6I774G-uwN5syUhJ2GnSJEtG-nJMwhqw-ehEq6-feyc0ua8NincP7PL5BkyA53ZRie4XKqgXbLNL-2fSKb27Kd5Y-3JrO9N2HKGA1PG-MA50ZoDp6xRndq81jqCJEaxr_YhBPHkDwlVqdWDofhevVX2eyD6cOj9RU1Ye7NxI2Uu6VEpJUTFcRtUi4AfRm3rfMd4wzWIAoq9vwVb_K9V4-rOEy4IXxknCB13JweXKPVRQtKXjEzyrsgDOBbNnGvKl-qZu2bCbwNW0OGHJmuQYbm2Fa8BxVnShK_ELmZe46McTnT-11LWsNkb_vlykdfzeelMLdw4Uzkt-yJUZeJAwJJPLTfGvoBzjyJ9V8r1pi86fjUXS3wNUZ3tMv0jDoOfb-fbkh4-ixoUB8UrZvwqCFxYpRwEF4ZEq9wz1hr57LYsBbaOG-kWfoQgdBRzDtLnzrA2_5fpolZcN_aIo8NlBUAKHXeFzRveSW3xwbYd59Yj_5gITJbUsMx2296Z26lEVgq11iPlJBO8oGl&cid=CAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=164181914731393660&adk=2228999114&idt=153&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE2NDY4MwogIHNlcnZlcl9pcDogMTM5ODAxMzkzCiAgcHJvY2Vzc19pZDogMjc4NTEzNjc1MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame FAD6 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE2NDY4MwogIHNlcnZlcl9pcDogMTM5ODAxMzkzCiAgcHJvY2Vzc19pZDogMjc4NTEzNjc1MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzY0NzUyMDEyNzY5Mzk0NTgzMgpkZWJ1Z19rZXk6IDYzMzUxNTEwMTMxODY3ODMwNzIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTEyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIzMzQxNTcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc5MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x9cf023a5d5e026770000000000000000"},"debug_key":"6335151013186783072","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"13647520127693945832"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0070 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1nwV9LcznS6amu7Hj4xTUj9bJ5_OZHmDkMXqQRj1pPJbHcYrhSa1hyNu4Ix0YTBqjAdxdPMNe_MdoXXsS3OO73bl_P7g0VrFw6nuOvp9AjCPNNNuHfoPkRSore_b7JYqpTDih3l5HhvwD6xXGSZQq4JqTyjYSxSs7vMEjE28_8QtCzq8&cry=1&dbm_d=AKAmf-Chm-QI2urT7Lzd-RpHnx4R-FH41kaSmFg7TOqG8thsyupEOFUa4ztw_qc7LDwXm1UQ7imy5nxwYCM7yaTQtVw-_puHaoKICUcoi4SOGyu23SN5HbaBIZ5BK9fLqbEc_QymlHhfAYdYEPh-Hws2Q-MebwZJ5GV-zVUcazp4BKBZi2asfGspUSLFYgohAw8zc3W38srIB4RSBKxdRv1MYDkUMcQkf_3APz7nm71K0n3Iyg5AF1mZtnNxcPk1Jv7p-ntJaZUePLJ_Dqz5KkPhR8-9zB_Jenp_7yHc0HiH-7NfECnjb9Ns0QFAG1d88AybhBnoPJ-xZTJe9NUAxJQVGSjZTv1XaoUEyEFTCxR8uhhdnBMXk5I8o3h-EskjklhdMmP_EI9nnAHLz6Up4QzYJy4S2gkWIq8qz6QoO_liBuKSbywKjPxTo5aRX_ZxOgJGUHU2INQ1xe7N1NUsVV5DLhxzLxqsyyr-05SBqGQYofCFtSf8MfA0W0S4kaTSxwrd7R0sFuxtno-_4jUtyJhFKlX4nMgGSsH1YQXdLMgsRQdqSnLxqe3MKyhhtL8k2E115SB6tdhwXYUd3UGKsXOOzLQSKUWmZopk-ba6oQgqu63w9d6lzazqwZdITWfmOtIjOLG8X1E5-FAscq0T36-CYBzwvtOKlzyjbdew3LWdRWwjmrGXIyB5lsyE5oHMHRvjocaUmxy7J3xdvnbey8O7w4kTi8nSx4aeHePiyfdEdBbI_SEqO4bvQjY1VNld3N41VmIBRF_DDK9kTkS8CabgX1eqAN-h1DewxljWxhLmS6uGcHdVN9uqhzglpuZZh-f188BDNJRj84SStowXvcNlnIHHVOm3A5f68QxZd25Pjs3YwYtfD704M-EDW53MaiBFKj8jGSiTaI11_84VdZbG793XtOH3u9s-VQjaMtkVQwnCAs4iJrbetBGtqMEMqfFLD0VeTGjaMC0gwIbC0npHY96RafkU5mk0UYCMUwfeqhCOkh5wpxtDtxGNieTTRDDLPcaMNG-zJhyhPslxNV0aihU6DZcoaEcZ54IfA2P1GW9Qambj6gpaQzrTK3AdPGLMiHJCWLD2mWP1c7XyMH3PwMvsnedPy3Z7fN1zquGww1iYizn6BgdEAzBVspCKERJrsHPH7Z8K7Kf2-gFhzwmeHCogXtC70uYut8RHNDAfSwU7J2vSGZ_wXC4uaEgCsEECgVsC_WyG3cuKaVocB7qySy-Pmv9D5wCof9OAUO09uTkJaRKpn0eF0XTLLkLh2nQyy_DOYqoHugq6UUD3cUDFUOitLP4fpR7REE-4RuHyCOE2Q0iOO7Y7R3aJDHJUZ0QSlLJmiNNzwfjlONGkx-kHWA2TX3AujcrRrfoKMZDUF_5EC-Y5V0zhxe2VfEB5dOLHKyyUnUnH1JclHhFx5LZ0CRkL_4SjdJhtXfzPgQm64WQZ9qykNtCFTH-Adgtyqt-hV6sTirDe1svM_8-KRa1rnZRU4uU9NWjBsGGN28LvHFlecLIlOrnwfCGSD0iYWt4tkhrgXOnAn40Q4Sfcao38CQtetLP0FfajDqk9-TvK3uEmKghvpjwWSQeOdjsK6_9IDKgdq03VwX5fARz8CvaUm09CUgtN5KxiY9Y-80-WAA7jPNTH5MKJ1zAq86pceVPPjhqDdkkYEjPkMmnRPx26i-QDWx-aqwBRPIk0uzVyOGWHLh2mdcqV0dSU66auqiNU-FlPUHJF7LgHt-bcOeDY5mWwUt_LXzFMWNI1Ik7-j0KLhKy3cb8kFltrHKJZeXA_4DijvozdhvcARRip7ZL7nB_xHkhk592RGOwzQIjOhQ15EqJr0vDBw_5uKxUPH9gFsLmj0jW39hwkHTWcC-odNzT2_sGJi0uXHVa-68VcLQjtAMAf-GSfV0fsuEFPsSYWIVJAtdSClOG8TA4mMxIA7qB88GdgmoIyF8eV4lH6YILWxlRyU-KIqPsi1QUDOg7566M-55Z6qNyFrIVVDyMckp81o6viOCOV3h6JIB8tVe5H68MoFT6888kKXntQ2V3TS_n1-4Xp0CB2fFvUcn-YXdwD8YkaGpP9sRcdp9s_PS7iSsbMlWNP0HC9fkGJsS7Pw9aftqfG3Go4VTQ02NhuuReNIpK_S9Dcbo_Tgyg85L6T1YF-ZHOZJS1mGBZlC3pBS1Daj2RDAkLOaguRxNKOfUS48eiDk6rsX96_YDMB-QpicnUJILpNmktPgH_7pcjYcaT4OspZCsQOtd01JjyR-KhVZFIjG-XViaexjkTsVW1IrGXdT_czv6G_eL2Ijdngh7lMoBYoyswbuZQE2Crjcm2iRnOBaSKchoyW-kzKrkixPbANKuGgyWDg916fqE2mzVq6mCUW_MmIdBd3ZHVpoUjYtuKwNrdhJixsjVSC57NlyIoTqywrMyYPxxleY3jVcZLptcMAJJSYEa-Li1bLxPhfWwOvei3zf_2rDM1uD17mroKeVKvAuE13drRApaD9WKgIwS9wCf_kDLnoEEXt25PnUpYtmmkPgg7yq727pbTiR3Hr2zS-F1yyu_SH_VHnBqW5VLOLbbXXjnFESWbG64jzT3t-ADZqu62ThupZLHC_JGtk1jaMiZ03wG7blDJJC_UF9izpg1OGeCtd4MX0whpq91zWKLZVO6QDuP8KDcuHO-MnmOpPXFSmw9kInRfB2D2zjN_Tj66lcAaM4aPyzyBncFtQgHeXeLgLCAyOcWkpq9JXM8X2QcZIgE9wXFb_hfMhIQ23eoG5Yurcf9XPoxgrCJ0ykKiE9DbzlkFWDxPGfI8ED0P8YCEaT8tquW3LJAdzBYK5kjpBn_r0CYsRaJLx_AT_IS4wNNz4Kes0L60zz9-KFxQxdmeZRoSen3IXXZska_BFESL3fWfXAMi5KePrIc1gRFEQGNSqHE6GWPULegdscab6VjGBHKqP6vLOMFJ1C5j0LBOUa6-2m2xvNyuxXGas2JTutZZ9Re0uW6xYR2rjvod-2wjw_Jefs_18YQKhdRY-DqeKXkM1qY3ZGxdoqc43JUNvYayBiRQwi_tSQLhEYZpgFzX8ITnz46UWu4sFsgFrt6BrJSY0oqpiPrQ_kLK3jD74DB2rBX-K13I9rHBUV-JMAo1j0Ovj5m0z510U1nbWct1VxqpnxvyLZrctODibNMF3MZRaRolw-7PcTF8i4GHl0XpZy-MdARn6qSHFom1WJFWHrYkhOt8E7HfzMjkR0TFqhfeGx7vk2elhh4Ex_Q6-EUy2jWNRDQJ9HuaxOnfzkLr8DzHqlpEdnPoCdOIVbtr0RD_b1VaZ6yOR5eMXEp4AivMwF8KvctW0tMw94Xu1MtxmSNJjj-LN0Eloe4Ozt1wNqR1AbKY-E12RhNQknOy4IVoRmCFPjl_hLjKAUwcRvaB4a75ybkBG1eG9SlP6spjWdMRPUOz6XcgmWUiQ59QlNSivSpbTqBemACBrhZgYZHfvb8SROv22TtQxn2rCPHbx1XF012CPJvBPxIyHKnm2ma4TuYFom-0FNUfuSHcOrXuEslUnbmQ7Y4FR_HV-ffh1XF3fmfv1iW4DsQ0tOcod0ZqgVYw_FH_iQVQW7mhhM1KHdTNKs866oGMQ5M5k_tWTCLMOucHJWb_1CugYSUFAzjqbiSgJUxJOWNOtnvi4U2fXLtgmw1ieKWKKCCsIlbvbInjsUwF8_DM3gByVXEw&cid=CAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=13049535889327150000&adk=2086295848&idt=209&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE3MjI4NQogIHNlcnZlcl9pcDogMTM5Nzk3Mzg2CiAgcHJvY2Vzc19pZDogMTgxMjY0ODQxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 0070 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE3MjI4NQogIHNlcnZlcl9pcDogMTM5Nzk3Mzg2CiAgcHJvY2Vzc19pZDogMTgxMjY0ODQxOQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1NzIzMzczMTQ2NDcxODYwNjIKZGVidWdfa2V5OiA4MzU2MDg5Njc5MjM1MjY5NzE3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMzM0MTU3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY3OTAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x9cf023a5d5e026770000000000000000"},"debug_key":"8356089679235269717","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"572337314647186062"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame C2F6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733397606&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
aee9d49ed0abf818fc5c72c0645a379017397c8d07ba84d4ff549373d0c0bdfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4148
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame FAD6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733369216&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
04bf4059679a52fb1301f58a974dedac47594cbfb4fe74fd8a9f7576ed7ae216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4154
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame 0070 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733382362&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
276668044316a75758e0307144568a3d1b1c91f189bc60da64891f5700d532b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4144
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E1E1 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 98AB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhphIqx-tMpjqSzg5roBDcH9r3blCC12otvU8wMTCrLnMPYnS7cErX3yqA05pgflcNjYkNzgl6nXKU33WAhzTXme7YgwQbS0QXgP4yl8GEGkbFUFwSYs3lv8b82eAj6WU6ZKqm08-ZOWng3eNzxxwDwIKMl-zF58CEYL4JkkUNPCdlsIg&cry=1&dbm_d=AKAmf-DHWjT-R-13fzIRfqH8Ingm6YNpaMcy56kNsiaGhZ7H-9kuQUPdgssw-R12ZhXqoCGYI0QOeoT672Y0yrQR5eBPa2R_xFqStFe4vgFuEci2tYsWRI-4Pj3xnT2AqqluXJP2vtvOmtivIg0RREqxtkatujjDWEvnSm8UMcGabvt8AnFKj4T2UHOi5I0tAFtbHEJfgqygF7Mpz7VgSU2osCzATUYEmBqhKILWvX4NcrmHTglxyW1ctLMsodVZCh0Q5FcoMZuUhSEmHH67A42R2tPHGhz20NyKYBMCGucKljFlo8JR2908ZLIQ8oca3EpbNIlitWi8XVbB4V_HUHgu92anP7_Hb221_LT4gx68yPtKVIINmpuFfgkwRx37m3y1NCMr9PWRvqIKdTD7kNyA3Ojw9pCVP3Pv3cxqrcjMaSqWeeTQDdCFUK7Cpur1ds6cnb3HaZob2d6JuHHcUY0pMXAvo1qaBliAGnFabQ5yGhCwpJ4GB6OhHNPEuqsWTGOjKALZZAqrjK7pCuwxrrjmoVdoZLKd985t3_ZHlqX9jFZdLo9vwFegLC8gGN__MZEwE9XMrKKCHtTBjjqgLDk2vL8cxYeMOXdzgg-R9AW0G--7XBnWotoiCg5XOnqGDzpNZWHsYemmGvowzHIOOOt3T0h52lCp6tP9xkfHmCrmlb_kMxN4KpArxTpYlVmrOSFH5pfK6K07aNasOK4AuxvSTWrK6kOarhD-qImdyQ0SBMCMLot8x8VJks-D02-wCSfd0H3AUVlYTGflBkJdZNh6S9XI9cvjdvfbPw1NsPKmPxjCwofAqt0k7X5fpyMSgCUTye0nYguPnn8yKdDAWjiKgj4gth2Hh-F7Eak02cFlEcJ-ClX10eozvV29V0Bp_sKR4uNHD8h1aYKfi9X1F65GTsyoqd3PJM9Knft8MMKhBEY4bG7z9KVcQHxlzLXpeX4bs68x0F7QAtPghuBa2uW1cKFznaaP2xwI3EvvTle6NRQBeKFewPeC3e-N0LVxOs6lqIVekHBa1Nt4h-I_w9A4b105PEjNHE-jhBVXASDnD_SvIvsCYFVoBmVHgRGwTd07s2irQ-iCQ43v9ZUQ9JRD9Z2Ul1FfuAaIP372s950egqYQ3nOLYZR8JtEQL5v8h7JA7ZCiZLFj3dplwzvgY4vkVdH6b4zpIqDUxmwSqjb--60JofY_VvJifxJ4Y5HNITRM9NthWy8O9UKwOBBe-BfGfZdIbP-rGI6lrXWhxbkiXMOVLlvaq683-Rcr_o0FCPVMUfpuPrA6LlKxmiEKHze28ILU3GUiiXtlJEc5x5HaCHZm4yCZPTsiSUZtNdmdH3x4r2UOCH7qnoBqjH_jjtuQO2iEtjG29Am60L2Oc153_61SNNErLOBvDeNic7eJrsWlh8o6LCCIHWSwpq7vlGowQAlG0MBE1nrRMygiwNep9tDxvFJ8qhP5Np9qmekUCe5rEc6wOLJwo5EEDVh1hqjs99cRZwubv7VdN0AnF1Mf7vbj6YIHOKGRfPmkeRs-2yJ1G3jaNRN0l3r0i4ewjL19cKzSPHSDAiuzCdZVK0lW-waEzP66sKTqYcOtM-eB-eiAhvNYmzgxo6zWI6o4wRZcYPUx_FOhQ3qb-y1EGaFsLMcgFMwvdHxfzMH8IOt3XSNYRVWNZMoCO-RQRO5bsl_dIUcJ-nd4aGqXcKKZZ1zoQ09GudgupTcUOSLTNUFLMnTC9rOz6WqL3Ax7-7ejfWr4aeKRo7hNyrpYj9rdVzhYhGnMiqHhqGGVO50YjyMsZYGnXi084YiQNzmi0lpRgXY21CEhDsypN5euBTUBbczWr0FsnCjbn9tu_9st5O4UwJ_wn4yOCWVi5fyXD3BkAQ0jgco_2lvM-nGH7ivVlt6IwDjMXlNTdfY7nnrMfCIRX-O9VzH4m-MK4AbmD5uvFMEztQl0dZnyCIZ2fiXR-vW4YRJoXa1c6zViaMC6N4wOdS6S4kqlCxrjs1TGhhPjbhYeW_0-UbMyvbp9z1ny-6Wb6bjYXQ8ZCBNG9KxGcwL83GoZFfy_PDJMKiy4kIO22XVxytmzfriWALZXjiiHKYj-Z8KUE_OyzUZSOfXScnnpzCvyJLsHYXeW5XG_Fmf0qGLwSIxzDTwIrNtC46AQPc4rt93Q2qA5bDr-Qg79vlAZ4rpIpEnaHJlUQ6eeZtCxs70mua7a_meoH6GiGs2TLja724FCZYycsCz7MWZYIi4O0-S_8S7SYkdIAhjBJB4WdyY9P14CRnyhlsIq61mZj1gJBp_-XgTljki-f3KZXbyqgTNLfOQ9YJaC5DNke76E9n3jHia_QK6k8bekgDALvrdjprMDs4eKj8Oa9IgjnUlUqx6J5U1I2H6MTYZXjiihw8dfB5jbPNNZmK4duag1SVbeV6MNUlwdQNBTPhQKuy_xXrei1f2r8Ne_WbWubARguEheZMDTIXdC7bLwsFm0NMumz0YG5UfntjtYLwaMsdc_PdrTtB8_G1sgQVsmXgbuzmFAKVNcdffzdVjPUxu6KQPoOIVgQ3H3TYyIm6_qKOBKUQkz1I2_wy2RHThe3HUA67SYn9iTkH6p_95qim0OnGBVcgYqD7JonRARroT1q4zi9GARDow0tUBmL41I5Z3gtpR6eazKOLM7SCuFdzq4OSRXlD7M4yib4T3_NMOG-fIm5QHl7JGFdjfqCJoaMwDtV4GcC-nfB6YgkZML1f1WIB2O9pYeMXW_y-1Ue7IAz2d9IkQWEyWXJm72HSrLKoj-4P1IR-PU0E25-lehbDVY1sVZ8IFoYJfeCVE33ML7uI67-rPegggGm3nHKCxpff--wCt8CM47-68kFfhavBIWljt3NlaqsS3OCaCtbiwULKhru_a_gL62JNZRW0Gs0W6_Wr_u8WSDoQL5rb0PeHiJmJ9Qkk8SxUFsEiqgPsYtpGv_gyQWoC0nWjFl0ruNb96zInOutdFjMzVCT-T788n6Qfnb5BQj-ufg3LtcHaJ-aUrAhDhWmJCYDZl8k6aDpELVf4oDCrzbc-4GlEE7zQjbn7fvlxipWWfqYOnJ6wanOlyhjYq4HR2j5tD2AjURq8HA8ekMV5AMILiqCImpwQHVh5jlQxyOm2cvP5DvGZjTvXeZzP2KRf98iePAF0X70H91-zYiOADimzS9ngFE1SVD-ic6jh_3ItUpy0PtR_R4Y5Ech3LTf6hedCzDCt8Bzh5Ko-ife5viD6B_Yn4-PfYvNh2kKf3MPAy-lVJsf6h1v6Lnp6QDQW22w8SQ5qq2uo3BPjaPtPGdR7wpb31uoSH5ERUQoWfMkGp-VeCoQw2qaIweBXdT6A1yQ4jaJAtrOtqMYq6UKX8xU-EL7CAYUNegEAVscaAAELukggKa7Vfuk4ozd0jiz_jiyg9sYRff3YfNG1MTduXIxCOSty21EMX6caMb1j_bWpbNO_KMBH6ES9eB5wJZ7nlY_nIGLZ9g_eR_e-jmDgd8B03KNeQ1mZaT_7M_i-NUMexGoOrpoCKP9c6zIguJNvloeegT2_JvpXZZFIOgkWCTC3V6pn38R2Rz_UFwSQhFogLMfHoB0lidkxio2kJmaVbiEAsfE7EopSb4bQhXzBnWHNC9Sg0aSRS_wZb2pFU4EpQmomTmSZrjUcjUb06rBBhPYojGATYT1BBtQdr2EjSWmeW5yEEcQtrg3PW3gKU6zWvklwgPuX1oyGAGaLBmXvaUUSPQnO0otYGil7jTK7ezAAwEg&cid=CAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=1565099126655631000&adk=1877897942&idt=119&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE4OTM5OQogIHNlcnZlcl9pcDogMTM0MDYzMDI1CiAgcHJvY2Vzc19pZDogMzIyMTI1MTk4MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 98AB 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDE4OTM5OQogIHNlcnZlcl9pcDogMTM0MDYzMDI1CiAgcHJvY2Vzc19pZDogMzIyMTI1MTk4MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjI0Mjc1NjcyOTA0MzYwMDIxMwpkZWJ1Z19rZXk6IDEyMTEwNDY5NjIwODkyNDY0NTQ5CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjU5NzQxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTIzMjAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x18f959130f0f98060000000000000000"},"debug_key":"12110469620892464549","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"12242756729043600213"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 98AB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1705052733378296&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
8f7936b36c55da9737fa5e1554e354de1287d658f282c86681a603987208d120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4151
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C9B4 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQNY3OGVw421PZVyB_6y4hQIAfV1Ld5OVYlLcerOF61DJagafd5z9FSnjONzY3Wz5vqRy7O1v2uh_JJbIll1Nc-nfWKubkL8bv34-r3kWAieq3b7649feTrD4HHocmknlrcjWjsKtnvPOiiqgkNr9HWmRxtadTUV3Q1qDLrzOXa-_6Q3o&cry=1&dbm_d=AKAmf-Dw83Jcjf6vlbgdx8foF0C614YoM9hy9SkxywI0AZ6RoWWhNWjAWZJxrI3-RxFkx4mGYVOKMyLr_fgGyoiWPLtENoEqYpFu2gFx_ZQ4Gfkj5SQRk3gu3rHpgELzvpfc_i002JLKTHDWonwiK7pfyXwGup1d2SddMpqsj8Z70wQfghiXPAW9D1q8fDuLM_yep90AD-z_QcnC19ATN82uE3_5aWiUwAXTkp-UA7YvW_2ukztItDOITVynELFn9C6tFLJkR1_qZgVPZSzkxJ5hphafjciCmnaVPCXCbS1OcudsQQ7KNcUBw_79-7HtPcWKpJM9LR6peezj3NvUxSE-Me4nkxZd2PZhEoHG3-KYWr2fcIYy94MRwTo2ePwEfQyAIIMVK60KAb4RCCBzNXJ2dCktsFqhctHDybfuTBwySDyVTnWnBsNBd3PslWJN43Nj1QQ63XgZgb_4rSy295xulbixqvSGSjATA4VYZXeRL9kKVOfU3VPxA2rkeU1VZLpfbWx10WpdJPHXZCMi0Dd4UEApSKItnWtVGjAcpgx1LBpWuQdl1ST0H1UMxMPjt4hruhC6EcWlarRQ3WiieeYfZMZbEzOmrrHWchS-bndXjXC9z1rsclkl_pmDJg3He4D8agYP-qSuNpgm-3Gb-qXrQ7jWkrP9p8YDhW4FC9D9SIFg3tN7d3YAV4O2C7gJsHeBcyPsEjj3JxneYXKZA8VB8sDsPMKtg0g17xxGZnWEOfun1BZVWlq6Vm-V_t2JA0Tzl7R4HZ4jJh5MiNO2pH35SOOfznHksGY4SPgs76YgjjtGpBq9fCTi0Ty-y12mPb_nMRaueS_9SGkG4LM2pE8zQPFyhjnjwjdKJ1dqQWtgCQmZ0Mb3NcvTql611cHBtnmQ6UIG6LTV6AQy8E3hAIuKSOHTNWtmpekmVAa5adeUSR6e5Ii5VA8SzEQlKPA4u9pXp27h3t11h-juhnmP-c2xe5xWPlv9lTzK5Wwv1DiZyvb4itq1kIcFGhnBD8TIOPsHf6wsLp6Xer2wYMP_HKIj8PhqbPce2hV2U1pmW3dl4gSkX9yIJe5byEjpR2UJnLU0R21juQhO5yacKZE4_e4bgJE_KVr6_rmoUBDbNmCopPPI-WR470myA_cb4M-xP9Be0eeW9kmCziHtz463Pfeg8gPUJz9F3B-TlchghtBSGYLEEGF9iCHFYinHr0qyf7h-llZPwESknS6bAdw9p1Jsw0tRG8vnjttpuuPh3S2zS1SbsrcWXkHw_7YXjnfrf9hvjCYKd95EcOrj5t-yazBMx3rvyxfWZvCxB0-D69t5RZm9BYkH2nSw-TGsV5Ewyih_UpgPpQ97voiy1jdHhsmx2xYrYNmtXH-D2SKJEEF581VPtaDNzSLX80kHq5Zh-WWR9aSS07N4P3zGCJoPNLMTywk_kbG9PF4qKiTtv0V35F2tljhAwxKRygH37eouVeaOWM6T60cy1QP55uL7hfOOEePpVVy9rWXyZMlmXGpeYYt2g_MK0QCVx_-ba--w7OWfRQN-nG66C0ZlvSqFMUHHDhXg8NBMSopE4t-mNviFXtavy5TAfYg88DP8olmp9AjhqeF_ZAmyP7ltgsYE0fdfTQE0_mMJDRW8EA4zNU8smwRUZXHCm0BbqXze0Qzd5WkA2up53ASGyO1uYToIwHEAVULxvbRGZxNcV-grmwaCwykVZAYneCuzE3hpRftcu93eFsBxofWeXgnHpu3RkMGLbRSnjUxSEWSkIZAvs-ee9clKQCafGzJesOJACxGU_5IBWda_vByRAzzWyO4uZ4baOx_jmqAv61zW4-EuwxRukmeVv8jqpk7uu35Vwjgr6nV28z9qNXxX5zrMS9pz82wkcbJlD_UcfYeHR-JOuDTTH15eWYWMMYgePaRr7kFgUlpYiPjxEQuAqAPDRxO3J4gyIxHyjV83ek5cRTQFRpmPcF6fcMXO3jKfa3PGR7tco7TMEriF7d1jYHEiRzylzXWQg7zMAg_MLYU0Rtr69ThwaMSNQD9r3lcrQVTf4W9IBF8kKgJYbzxbLdacTjaSBY0IjHlZPMKKDEtIUx51BP7pEy3racZMSsUzAv9Q_pETRTjVO2fwxKn_a_XbAOzaKPX831HUUzJlj5POKO41ppb_EmTVFECGbw9i8q7dF2vS3JWfdSau20F6Rm1YAJuX9kUc3ZGcVEiqKfW_syvIuR8z5UAHbLdfiD_aUk9ICiZqlRUXJgAL7ibPRm1PlQdM4IkLTtjaI91-jsqNDHPeRooOBDEFZH_fJhCKmdBr4sP5Fbaq4jgr1I_qWwsOWWntnq4Pky1SfgN1jLoaXyB-zye2e-GFHohd9Bi05MSjXWsrbLCaqgLgliroq5XW6okFaFfw7cRk1lQZ9SkowHoxiPO_lsJ3XxtFZbdQZ38JfLRxApbTtPMNvNYx-vdpb8_B_DNLSPRFLuc6ohabVWD7kwk6IvSi2NRIv7-SH0YAyYrCAjauRZv_rwrw-kgpC4khnyZXzMVJ-ttnDtWkQbZwXwvM0qwCMJxg2r33D8bqo2DzNN0YI9Ol8OC_ke9HcLKl5uzhr1SYx0elpzmG-rN1Gz7vhrRUWsRNtLQ-cSGyY5CE99HvkBsD5zDfYMLfcq5t6Qj_c-oHLWo0DFMH2fY1MSWXN1hFfTl7Qn7v7PqhkvMvRa9jIfVcFJGNKN6sxvUjT5GfGmgnM1wtz_CZCGqetjE3xShgyJkUkK1HhmHIjA3vwf-_nLsWJCuJc7XwaOfxYLFzkp4V-tfHumjS6s3LR2_w0BRk414XeKwRrygIwbu-hsLYOm1EtQzIPSvBONSBYjNtLIQsGoqMt5qg3zIg4AwtlFK8Z6z9S_Zo0FbeaoYWq8cAWz9en4F2OfllIgCJLoEzsqwgM94_rDAGp-3_swSO5xXXcxTTKhOx1UwUq_SzNKl6oOcn5GYT0dMGWPj6P-Y9_-Cgalf_wNYXbNUh_74rHi34UPV6ucrau97tBUyazahQ5ETebWg43jfio2JALVh7AVEYvj45DLgAfvj5qafPjhqT3w67Zn_ThZaMSSsfeL83rac8MPjJTyEL6eKHR6xyF69MAaBHEsD8_s0vTTMjHs0r8m9nVrRdIu0oUIxiAijlzLP7noplEul3glo8roRoegcWwZ2iXVp8P8Z0unrHpB_wTavUKCAZJ-fGYQ21E3BzWGjfiNHJJJSmnD-ZAz1anMsDCIt1iLkqvx6JgEviG2tA4EIkulpCvqz6KmCF2jOZlZqdsHIXXagpZJuYavmIQlk31AOoJHqjrIqT8jsZnxCbst3FFZR1QssFymA04qA4AaRtIagubbSmTzgJbCEBelERjhEcwMW3baZOdDNWV236nPODoTQ9SV439mTBGdh5KqK0Fg2hPw4h87N0RPnFV19DucDEsRRaPFaCXGiWjv2_u5mUylM0e2E4XbezjhmWzSNYctvPqI8Wy3oqy7y0Lqf1CCNYgt3eFSx_RZfqj8_2ZF3gCkP5DfkKhq-ntIgUxia8U_WBBENnnb6G0eq2n-cR94qLvutX-e4cO63MHtjn_IfcXMT48ZnevqAgth5DKvfhoUZhn5VP1_Ja74ZYAOn-jcYuyuFKKMQkEtYmHE6K2xGBbXYP5UupGsowBCM2vTw8cXUQN732WYY_4VVtUNhBs_Aw5ZYydU1DizU8xo5TsyGrwO0&cid=CAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xyg688.com%2F&ds=l&xdt=1&iif=1&cor=4376031596484057000&adk=3944675603&idt=140&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:20:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
51923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:20:11 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDIwODU4OQogIHNlcnZlcl9pcDogMTI2MDY0NjI0CiAgcHJvY2Vzc19pZDogMTUxMjU3NjA0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame C9B4 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTA1MjczNDIwODU4OQogIHNlcnZlcl9pcDogMTI2MDY0NjI0CiAgcHJvY2Vzc19pZDogMTUxMjU3NjA0Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDgzMjUyODA1ODUzNTgyNDUzNzEKZGVidWdfa2V5OiA5MTc5OTY0MzQ0MDYxOTgzODUxCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMzM0MTU3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY3OTAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xa06d733f586a1990000000000000000","13":"0x5977302b193f65090000000000000000","14":"0x1b6c08082325dc710000000000000000","15":"0x9cf023a5d5e026770000000000000000"},"debug_key":"9179964344061983851","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8325280585358245371"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900012.redintelligence.net/ Frame FAD6
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
406b9858d2843a22980d743fe4089396abc8dcff199a9b2265c98966b647a373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
69768200051962804445006012567012
Connection
close
Content-Length
1355
Expires
Fri, 12 Jan 2024 09:45:34 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 12 Jan 2024 09:45:34 +0100
request.php
hal900020.redintelligence.net/ Frame 0070
Redirect Chain
  • https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
HTTP/1.1
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
bc4d9ef58505219d33c80ae4c235475b98eb3bf3b685734f2c3501397b7183da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
37792900051150604445006012567020
Connection
close
Content-Length
1330
Expires
Fri, 12 Jan 2024 09:45:34 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 12 Jan 2024 09:45:34 +0100
request.php
hal900012.redintelligence.net/ Frame C2F6
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
HTTP/1.1
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
b51a84d7fd18215fbb8dfca24a1d9c4ad58006f3b06d96a505e59ab9ebb35f3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
60991600051962904445006012567012
Connection
close
Content-Length
1331
Expires
Fri, 12 Jan 2024 09:45:34 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 12 Jan 2024 09:45:34 +0100
request.php
hal90009.redintelligence.net/ Frame E28E
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
HTTP/1.1
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
081398905f178ee82a3859eef9d44a9dbed50de7133b9b3f119f9655d1f9c9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
67976600054213904445006012567009
Connection
close
Content-Length
1327
Expires
Fri, 12 Jan 2024 09:45:34 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Fri, 12 Jan 2024 09:45:34 +0100
q84gc72z27ut
hal9000.redintelligence.net/zone/ Frame C9B4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733387479&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
0d6d464f1ce6634e6eafb24ebf2986dea7b13bc14837d69f46d7eba4a5505bf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4143
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3949 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 936D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D56F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90006.redintelligence.net/ Frame 98AB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=41f5672d81&subid=&uid=f6187885c5b7b401&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9427080467518642%26output%3Dhtml%26h%3D280%26adk%3D719996608%26adf%3D992362533%26pi%3Dt.aa~a.489435960~rp.4%26w%3D340%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705052733%26rafmt%3D1%26to%3Dqs%26pwprc%3D4005296234%26format%3D340x280%26url%3Dhttps%253A%252F%252Fwww.xyg688.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705052733256%26bpp%3D1%26bdt%3D2721%26idt%3D-M%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dde35415a78495c2c%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg%26gpic%3DUID%253D00000d3fc0f88a80%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C980x90%252C980x90%26nras%3D5%26correlator%3D7409356389534%26frm%3D20%26pv%3D1%26ga_vid%3D2090693266.1705052732%26ga_sid%3D1705052732%26ga_hid%3D317581071%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1150%26ady%3D2229%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079980%252C31080260%252C95321957%26oid%3D2%26psts%3DAOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia%26pvsid%3D1765420472368472%26tmod%3D830597779%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.xyg688.com&random=1885073371372&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1705052733378296&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
94ee8f662e4f0982334ba0b149480d4e43543996807f1f8138907c24e95079c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
94138800052462604444994012567006
Connection
close
Content-Length
1331
Expires
Fri, 12 Jan 2024 09:45:34 +0100
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2F27 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8905 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
51923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 19:20:11 GMT
expires
Fri, 10 Jan 2025 19:20:11 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame E1E1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
29145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 01:39:49 GMT
request.php
hal900022.redintelligence.net/ Frame C9B4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=&gdpr_consent=&rnd=1705052733387479&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
bdbe0b9546bfa4ab207f377799d86e1d3b254c2beeb4d7904de746f8f1a754f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
89152800055145804445006012567022
Connection
close
Content-Length
1366
Expires
Fri, 12 Jan 2024 09:45:34 +0100
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 3949 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 936D 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame D56F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
29145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 01:39:49 GMT
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 2F27 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
29145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 01:39:49 GMT
/
adv.office-partner.de/ Frame 1E9E 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 090E 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=69768200051962804445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:34 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame FAD6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=69768200051962804445006012567012&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
750a5e78c86dc742dfd94f3d6f19c16e8c593ed312eaf9de19f2cd2fb66cb49b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame FAD6 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=69768200051962804445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame FAD6 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=69768200051962804445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame FAD6 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=69768200051962804445006012567012&pv=1
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=959a1d193a&subid=&uid=9079a416e1b60e92&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9BWHPQqhZcDEFsvZtOUP48adoAKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9CtzAe0SBVqdiC3Sie4ds8lSS7oAvsLxAvpKrW2U5pLOm9IvQNJLkvE3yWF4dVNELTOLV7m2COuMjB8d_V6lY6LKGfa-LwX-k8ZJETYYovQU92m3jtBqNDu7HXQtWW8dgsmFyrcEc6Fx3zZOPt3PDlXoFlF8JhscriSkSMsoBiazO23ifLm5PwY1pkg_ALdNSa7T4CLsvJdX4VI8lP4sX2RdXTB5NjdqDISJjjCfpSRiYx75fDuAMSY9VhQX9Y8qviB7ERcJevDrFke5LvOls-6ZsDgSyoLJgv0RL2gzy15RQf9cuMy-v3ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-Y73s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAbIYBBICv04%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_SXMzoz-EKZM0TshTBGSlXzCt4jsjc_ZTwKR1gv04hXYgALM6JxJbaquYpj5OQIHcgt-3ig8GMhgB%26sig%3DAOD64_2lCFETHs7kLQ5lkSIu3GduL1qd1w%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-ASjbQNw5dMPqMAGTY-tMDArsQalBV4g8ZgsET3FQnrbaNqe11pm2ko0K7BqDVMll2Bf-FP-wJy1B2EqlaqoDrTTzObPObD2Kq68nrycZoehXCRxdwBqfLvFG-S0oRj0HirijkK8i1CQRLcR5GtHV5CAjnAnjDymI6s6KexuA_sBYZmaVc%26cry%3D1%26dbm_d%3DAKAmf-BUuvw8bLIc2E2iolcydF_RfB6Shrn1XBfzHHl7GzCKejIag7iNveu83rCVN84VQ82TPDwBV26Ims_MucNDEdxweRQCFW3yBMVMpgX6euwhHQJ0v_g9MCR7qBlin44QS7hWwa4xZLb92htJO3wy9q42L-Cn3FcBO6azvtNWk9XsKiKO16LL8WjdRgRupsRaDXU-EEe6IMHqxliQzIpDCH0HJMWL693xcUQv2HWuFFMlmvsjx1dNwHLBOvoczHlKIKvBVL0-BAQ2wZx99mjwtTSjV3PEO64_pqaoSKIvyvu60KZuodpiYZllKWD4V7QAi2O5jPuYPi_WMQDk1gCL5NStXNjNit-D7c35vt2EvB00FMC8zm8ALIl7lcTS7YrUXSx1vMh7QjqCFjprPpsYpgRTGsfy5_wR5XaUYN13jdjd1t-6ppJUUJUXKoeHbYsF8dC2DsZIsI_2v-lGLRp5vnt6TAfmZk02sRZo4SVd5uTTcnt7PN3anzAi0GqhOHm5ICzgkbb7GGZlFmKd3DrfNbhiVR2pdO_7hXzuD5I7k6rSWVVw_RH7rsgQ-10IN846cOHOhAI_%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=9018855473089&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
pagead2.googlesyndication.com/bg/ Frame 8905 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19695
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jan 2025 08:49:58 GMT
/
adv.office-partner.de/ Frame 7C8D 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame ADEF 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:34 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame C2F6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=60991600051962904445006012567012&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c42e09e3bac5eee18b9c64783dddd820c32949a922594e9d6d162354337b2ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965
8019191.fls.doubleclick.net/ Frame 570A
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965?
391 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965?
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
eb032f61f3bdde14c4f598b843abaa1160540f4ed00075a432e293564f5a94c9
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
217
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 12 Jan 2024 09:45:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900012.redintelligence.net/ Frame 1E77 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=8062a6bafe&subid=&uid=6e1dfdba18a30c8b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCnFQCPQqhZaaiGOqvtOUPiIWzqAam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOkBT9DBffJUkAja6GkM27VCHUBO7hKaQp9I3i5orGFca04ZeOR6OCd1znOD9weNxozLWi0D0ZNilIRP5yiMcoCUmY0iNsh_NzW3ujU2RVxWhnOWXZkQIZxMw4yWhSoPzoa8BPk1RVTndTzyeHEkytThVjS23MouMZJNjaDJvCGYscbVFB2PehTpquvQK474v6hKTFiwr4kiC9nmkb0mSb3n48rC78Gv32VLw6mQwdzrvWLCiYzZbEaBCKQUrsPSp9t3U7Bx1y5MSL5O3QvOBevwM5gmPsxDWUR1_EC6RSn3kMRGoh6pw1xp3sbABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjOP4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_LRWxI-p4OX-g08LVcSOlOFVt5aAtoW7t73pxFK8SDQYU88AFvTIHqXXY7dEDZ5HlYS3_8Ud0uBgB%26sig%3DAOD64_1ADIY79Npp1Q9TQ7ftmfMzynBu8A%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BMD9-3JWMF8LEl7LTiEEyk1Fa6lGAq17EiwQADGZ-Yjs67heX-BKGKDGAhMxOGNWQ_pLK0HZbmKowFvBieghOgi4QS65mHo3FNnZulnIGZ7UH2TM31stYERIbwSsrXRkhPe3hyaQS7YNZGpdcXatmEmIE2fcH38m3_3nh1KnfPVFJmoLY%26cry%3D1%26dbm_d%3DAKAmf-CAtz3bYZmO4hs2Mj4mZS8PCwbiKv3bSCR919fH5FDgxMdjtOUHEWrr5EcwnxMA8c9j2XO3Kk3y-6KVi_5vi3B9-GnaIpRAWd-FMdjR3DWV9WwdzCO5E1mpjydZIVkZIy-Q2u517MUwj9-7Jv8U-2U7eTihuJyAhtonefRRAxxJ8I1NKtEdVQf-tUXu22gASJZgHJ_35dwffdQw4saujrKdZlrcr_3IArMEcpEmqdZy3S0BF9Hrrofa6jdwUWQtQS8XEaYdW-79LRRGSm3O9WY3W98c2QO2ND8U_hbFWeC95Xx3oWghcehQl9Cg275NeE7enj0azaw2QVh9wHSkwmFvCWZClYUSDe0b_gh14w7_mJfx-W8YxkMRhyu8DD5yGkrHK-p8JBzDqy88zEAdXiO_4LtrqOnCxrl4vtYUROWt1F3ciYI2_IAGjjguQh1AeAMwMJCqriMDa-lDQCFESbZnJeFFfMtIqT3XbRIpxVr2nB0YIowacqcOV31-HtaHKd7ZK9dWKhtba0GViQ46ZvqNbYdYKTTiRvFRKeznrvDUXMI4_GBav0ncUIsv2D1vjSgUzB1i%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1138946024800&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
07f654fbd31c3879b10ec468a9122ff11bbe3f57bf1671807091fa8cec911d56

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2100
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:34 GMT
Expires
Fri, 12 Jan 2024 09:45:34 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame C2F6
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=60991600051962904445006012567012&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame C2F6 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=60991600051962904445006012567012&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
/
adv.office-partner.de/ Frame FF9A 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 2985 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:34 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame E28E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=67976600054213904445006012567009&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
ee66a13f15a3108ed22c13802bdb37e7999861fed46c1f74760193cbeeb5ed2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792
8019191.fls.doubleclick.net/ Frame 1DC9
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792?
391 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792?
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
1b60710c5a90be975f7746ee1699a04025853aa9e692b03832198d64ecbca683
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 12 Jan 2024 09:45:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90009.redintelligence.net/ Frame 3B2A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=9b0ae5ff4d&subid=&uid=f1a1cefc588752e8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJHylPQqhZaTlFvusi9YPrO-72Aam5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQI6iMAATmqyPqgDAcgDmwSqBOkBT9BNR3MzIDlstmRyXfOKyFtvpvRPQkpufIUuKOkyktpMo-0HgxoScRVR08FqUfdFPflMMDU_W9GfJPl-hkAB41bLo4-8R63u-8P386BNG2B5k-OPxS1b129soX9OUqCGwWRwIsMauE8BuTZTPE_xdbhjmPmdRuHhLZIMSK7tUrE7u-W5o4oVRJe5Ueo-p1uqrzdG-667rOgJ_4DzUd_Ffi5u0EM_rayfrw1FUekpZD_c6oTP2BS7aB1I9oNvqWafWKaPsi1B8zKrfDb6eyH5SLMk2ro9hZDMqO39IW_82F8Jw2AS0QoYftLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoKj3s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_Yi7kMR2LEVWJkInKWiqw2JEsYKXdu0dfB2mH1KO1TW_8Cc60FK3WjEqpD9lHKhY2JmfEaEPXpRgB%26sig%3DAOD64_0rkHMroNL3nR2KL61n7mkvuNk9QA%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CU_ZPPmIXwM-54gsTpaZr1JPiNOjddWwIb6T8tRVsBsuPqHDtIhgrl9Ck-bbMSY_0hmwDmixFJaQX4G8YBP_M4MKa7pqPUSoZIS3PI_FGDKuw0O8-6cFjk2f3BJQN1pf4aq8W_dBlQFONVWOBq0v1tJeC6QcuxxMWYgHsUFYINVgL3zdI%26cry%3D1%26dbm_d%3DAKAmf-AxWBxwPME7V5X5fTSrKQXa0giE4dGQjtgsM4kIZcZJZWIS58-pzfhw-WY1ta32_ZZTrIhavmxN2WEbnYyOXhHa80VmuynaCZbC7hfbU1VQsiT8wCDBsLnW9wmog8NWnvaXvTAsBcGUJ7mU8C3De5BZifxeU_1ben7fITKbQNUfLVt_XJr6mJF46rwel2Bp25gwG-yiNAMzNV6nQnAlsyAzgrkW0MBB_F6KtSsnzGQOdlOOVf2B4Sndy7Vj0KYI9aeI2vmVevdo8XWW3-IuiKKlTRSTnTjq2GeZhT56Xd2Kfum5wcu06y9zYSJ-RKuScIcAFV77wvPbYlbGx_JoQfgS_goxJ4vbjUsVbFV9M8L0TljCc4zbY5Ad4P0AXN0xvSurHLJTst1LJRajWVzN_tNiALQmDvGRZBcRrvs0Ku60cUr2PlWgXER80HT055TN11l9AoeYMfefEtG4JPliIRki4jQQOW2tpXOHtFGMsF44-fw4O473LTBsqUKkDuMbVrClJ6f-pHUdQ3CFMQT3cBLkpku_bXHNJ_j91A7vHmkmV20lWxiPDlR0fhZ7kRd-YE1UP1eu%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=1560992314472&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1578772580f34c6954640989579975abd2aa8d1e510266ec1118c923d551722a

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2087
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:34 GMT
Expires
Fri, 12 Jan 2024 09:45:34 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame E28E
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67976600054213904445006012567009&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame E28E 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=67976600054213904445006012567009&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
/
adv.office-partner.de/ Frame ACE7 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=41f5672d81&subid=&uid=f6187885c5b7b401&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9427080467518642%26output%3Dhtml%26h%3D280%26adk%3D719996608%26adf%3D992362533%26pi%3Dt.aa~a.489435960~rp.4%26w%3D340%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705052733%26rafmt%3D1%26to%3Dqs%26pwprc%3D4005296234%26format%3D340x280%26url%3Dhttps%253A%252F%252Fwww.xyg688.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705052733256%26bpp%3D1%26bdt%3D2721%26idt%3D-M%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dde35415a78495c2c%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg%26gpic%3DUID%253D00000d3fc0f88a80%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C980x90%252C980x90%26nras%3D5%26correlator%3D7409356389534%26frm%3D20%26pv%3D1%26ga_vid%3D2090693266.1705052732%26ga_sid%3D1705052732%26ga_hid%3D317581071%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1150%26ady%3D2229%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079980%252C31080260%252C95321957%26oid%3D2%26psts%3DAOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia%26pvsid%3D1765420472368472%26tmod%3D830597779%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.xyg688.com&random=1885073371372&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 3A1C 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=41f5672d81&subid=&uid=f6187885c5b7b401&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9427080467518642%26output%3Dhtml%26h%3D280%26adk%3D719996608%26adf%3D992362533%26pi%3Dt.aa~a.489435960~rp.4%26w%3D340%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705052733%26rafmt%3D1%26to%3Dqs%26pwprc%3D4005296234%26format%3D340x280%26url%3Dhttps%253A%252F%252Fwww.xyg688.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705052733256%26bpp%3D1%26bdt%3D2721%26idt%3D-M%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dde35415a78495c2c%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg%26gpic%3DUID%253D00000d3fc0f88a80%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C980x90%252C980x90%26nras%3D5%26correlator%3D7409356389534%26frm%3D20%26pv%3D1%26ga_vid%3D2090693266.1705052732%26ga_sid%3D1705052732%26ga_hid%3D317581071%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1150%26ady%3D2229%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079980%252C31080260%252C95321957%26oid%3D2%26psts%3DAOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia%26pvsid%3D1765420472368472%26tmod%3D830597779%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.xyg688.com&random=1885073371372&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:34 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame 98AB 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94138800052462604444994012567006&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
d200d18205449116dd91e5907011d3faa442a439b58227a5ec453d5c98c1de9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248
8019191.fls.doubleclick.net/ Frame EEAD
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248?
391 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248?
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
0fbcccf5086f6d15d13815f183101d6243cf022f0e57ba85777e433109f9c2fb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 12 Jan 2024 09:45:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90006.redintelligence.net/ Frame 5343 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=41f5672d81&subid=&uid=f6187885c5b7b401&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbcOWPQqhZbiLF5uei9YPv9SukASm5b2gab2TnKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQKvBlKMyWmyPqgDAcgDmwSqBOoBT9By7jchhaThC2ncCc9bOYegl1eDNQR5a4Kq298_X9MP-8FXh9KmyKUseguFcP7CE8Hg-NVkIZPRdG1Nn24EZwJR2St6pNKi8dngXmj_92aUEM1FoxTIEJ587glu0hyNh9pxMp4vuVkYFX_-HwioHHCr4nDay7TXwoc0sr9NeYuhDfLsXxYbrlwv3h88_ZG0L7HuD__FVeALGBIhwEu9fxqo2a4jvcDTFfZcZYa2bIRHyJi9xfXKPLdoQDaXMs2EI5p2LQOklJYQtsRDF9OA8ogl5pSbWHr3BaderCGcFJ5Qiuj5bShwCA39wATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNTd97PI14MDgAoBmAsByAsBgAwBqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwGyGAQSAr9O%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_xUcpw6rfijTYWjfo_TJ6AJ2AFb6C-T-y8IOJ0hcKMIwa3sFUho1BfD-8CKg235gGTUw0z6cNIRgB%26sig%3DAOD64_2aVU8Qbj9Fo1CfnBLAg3TWNArtKg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-AKAfp1749FPX2ipgyUJMXaxXAlfPAkt6xTqn0yNSgu3muxOffh5SR3axSdnfl3ORfBRNL6ea21fiSp0b4UCna0xpHfjFnhoVwu5c3MoXUAyGd2-m46NFWBfyeoK6xcIddC-W9VI_zxbC7M3oUjMft5tD1QnsMUcRryEsGOkFXGIkcDJws%26cry%3D1%26dbm_d%3DAKAmf-CdOKbUGKz3jBg5B6k1ZPae3edScWS1aYc9qGRNfet3t75YFBS5ut_mtN1nmeiP_xi38iWA2gOI1snPkIkH3mKxl-RsnBdDYEzcPUMn9nkbmVIacecUUFjYS9Qt-fg9jqtYedp0bwgB3dvNR1d1kLr6QHTUvYwNkJEo2i5Pk1Ju9U-BMCM7n7llvlK8hlMzC1gf4CUtclmcnZbVw_FmL_26UHHSSBPm-S957Wo8ZeGptVTeaFN3xpG2OgPpdPPHQ2IyHibaWXEpE242elCTVkMPeHCGIR7rvgR9WVj-c5ykpsRho5daIP-_tZy2UzTh318ehohq1kkOiKxjJXNdjT3B8h7KRuJ6l3tGIUg1KDMAM4RMLqX9lzhPe9SQZ94SPiu7KGDDR8xFDNasdgh-LvjHrHFij5QRZB4hLH2MPkRXqO0Papn_5VgttQaK8AIdhoRifpWq9uaTtDU20txkxgzQzT2ftGZ3G6juOCd2i-F04rGmBZj7VCgjEvCemMpVWoaIExpEB_gYTON3LQjSkgdkd-NBlguWxWzF0YF3GyJAcZc6TClWejIVLuewdXOf0b8JuTO3%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9427080467518642%26output%3Dhtml%26h%3D280%26adk%3D719996608%26adf%3D992362533%26pi%3Dt.aa~a.489435960~rp.4%26w%3D340%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705052733%26rafmt%3D1%26to%3Dqs%26pwprc%3D4005296234%26format%3D340x280%26url%3Dhttps%253A%252F%252Fwww.xyg688.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705052733256%26bpp%3D1%26bdt%3D2721%26idt%3D-M%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dde35415a78495c2c%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg%26gpic%3DUID%253D00000d3fc0f88a80%253AT%253D1705052732%253ART%253D1705052732%253AS%253DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ%26prev_fmts%3D0x0%252C1200x280%252C280x600%252C980x90%252C980x90%26nras%3D5%26correlator%3D7409356389534%26frm%3D20%26pv%3D1%26ga_vid%3D2090693266.1705052732%26ga_sid%3D1705052732%26ga_hid%3D317581071%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1150%26ady%3D2229%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079980%252C31080260%252C95321957%26oid%3D2%26psts%3DAOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia%26pvsid%3D1765420472368472%26tmod%3D830597779%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D6%26uci%3Da!6%26btvi%3D4%26fsb%3D1%26dtd%3D25&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.xyg688.com&random=1885073371372&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
107acf0dfba5097ef5b8837ababe22be81088ce5efc0d218f7f9f29ecaa0ea2e

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2114
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:34 GMT
Expires
Fri, 12 Jan 2024 09:45:34 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 98AB
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=94138800052462604444994012567006&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame 98AB 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=94138800052462604444994012567006&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FF5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 98AB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01571fcee7e64e9debddb21e0b34666e2b98816c2040c169a9ba81af140249f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0A92 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C2F6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5273d70a5653a3856c322e39af5541da7271ae5747399bcde0ecb82e731a6adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
adv.office-partner.de/ Frame F5CD 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 6D0A 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:35 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame 0070 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=37792900051150604445006012567020&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
bccf3a8904aeb51c405bb33d37badb43afc3758a85d565ffa5f32e5b98456cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553
8019191.fls.doubleclick.net/ Frame A187
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553?
392 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553?
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
d3319842fe41eb1fa07d77a271161895c5f2c8b47536973a8d0f01c9f2164d59
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
221
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:35 GMT
expires
Fri, 12 Jan 2024 09:45:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900020.redintelligence.net/ Frame 9583 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=263fc17cbd&subid=&uid=694574dc6caff711&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCAn_gPQqhZZqrF6Kii9YP_uO6CKblvaBp1Zqcp8kP8C4QASD0yq6RAWCVgoCAoAfIAQmpAjqIwABOarI-qAMByAObBKoE6QFP0OAiN43KT6AQJ8r-Rk934PlKN3mI441HEVcROOr9Fbic03mDbrtqXqWJkvnaxXN9S-ye6bHCnrPDA58XMEx8l9hxiWdjmW3WcdCIDP5kfD0IPjZ9Enq8Ab0t1EOLpQ8HShO9x_HBm9N0kHsPPKDg7dMM5s4eFkJjkz4rYRn4R28_8Sixoj8YbeluquIc3P9-6f7rZbxESwmaTqTp7aLnLHci3O3Zh7mpH7MpOEPuoms2EHvBuJl24HFTOVnkCsnRU9zg8qxbDNlGlFUaEpOsUStLAyc5BYV_xBdznEtgYQrYoCR1cl7TZcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljH_vezyNeDA4AKAZgLAcgLAYAMAaoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_7CjD5-bJuJtS7SnJeI_xx773A9IoGh5gESSArbpHgp8W8hCrmfJNahSY42_zqRdwsOGnNWlQZhgB%26sig%3DAOD64_1Zxt2lsfjwxsMm0kcQ3Gyd_d-91Q%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-BvkNM8qB4FhofXbEJ1NLd2HnB_VZ33qv6Q-6KsEr-LxuEHYGFhRmO-GJbtbdih65RqaYwvkJInx5DzW_GPbOEFXm3Sf59LSdzmHQ4w5zaTd-l1bTgTA7sXquhuXyrPhQhzZUzO7cOjUvx4nyDxM5fDgf48yibg3nXE4SQp6UGXxRU4EhI%26cry%3D1%26dbm_d%3DAKAmf-DUOYeKEJ1mTYglT031Tw2UUhdnyX4unseO5a8lcq4Qj7ynC4xTRoez2So3Fcn0ve9fmIXJL1QHe92TkVTJEh4GmaoIhADGYM_d0rr54KVeYkLjRyad37LpKZ32xz_Qt2a-QjOGpCoQDujAh0SV-FvhuvgQLlEUW7e7bjJ8FbgXwbaBifJbBcS-aCIPrz-U8cbeYTNkOVdZ9Hw7osov1i3arf85gbO-_NjbM5pvB_LPYyLqGSGbzdW8rnV-ZhGm60Z5TFH7EDUZx8IkK3NX4-X4Smk2WFxnWda808t9qXbGbKqDCXBBOBd3bNIfIKTqr-Ks0UVYRfX2jSGgkJ80vfcC9b39lbclVBDvmaBz2sTiYajbiyItG4hhcdLIaNnIGqFzTVSZTKVaV3N4Cac7MFZbzJoy_czG1utzu1yNKnGHDpxAXUQLdjG0rBo_bp6UcCyioohWJB_JYZrgbJv_3s6a7V7EFCrCDwctv5Azh5jCR9HWWXjTP6YwgoER_2xz8-pm38cku59hbI_wvfsfUUL82FTA_hv7lIWTQ3KmGhUl2JFDL9e9_QoSoGxsqd66uZnUpOwB%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=3580475233434&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
572c723ec3ee5e588426e8131a0059d288d56316f307ac9902366a3dcf9ec8ee

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2095
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:34 GMT
Expires
Fri, 12 Jan 2024 09:45:34 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 0070
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=37792900051150604445006012567020&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
content-length
138
content-type
text/html
cshow.php
www.awin1.com/ Frame 0070 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=37792900051150604445006012567020&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:35 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
/
adv.office-partner.de/ Frame CF58 		930 B
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Fri, 12 Jan 2024 09:45:34 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Fri, 19 Jan 2024 09:45:34 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 4BDD 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=89152800055145804445006012567022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Fri, 12 Jan 2024 09:45:35 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
link.html
track.webgains.com/ Frame C9B4 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=89152800055145804445006012567022&nw=1
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.155.94 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-155-94.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
3049d5f5c7f10e6bde2123111600ff34d997c3419230fc1e5d74407d8f89ba81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:34 GMT
last-modified
Fri, 12 Jan 2024 09:45:34 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 12 Jan 2024 09:46:34 GMT
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame C9B4 		0
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=89152800055145804445006012567022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame C9B4 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=89152800055145804445006012567022&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de
cshow.php
www.awin1.com/ Frame C9B4 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=89152800055145804445006012567022&pv=1
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=331108bb0e&subid=&uid=81e160adb5f0c27d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvsj3PQqhZZfTF5i8tOUPmeu-8AKm5b2gadWanKfJD_AuEAEg9MqukQFglYKAgKAHyAEJqQIjWMI9kGqyPqgDAcgDmwSqBOkBT9DtTXGpvAOxoigTh6FZTa76c_Pz07OH4lBpmZtPxey6Jsf8y0h87G54VLFF_yNqtAEgF-5u4xAb9Rg8tpVjmVfcnygtHKWe0HRu2jTS9AI2188ervFBzOPmQgwl_i01Zl_FDzdL5RTjJa0KxrCYDBmzamIKGPUF8Zskhc8jxfnsDtNgLIzMoBsysf4VJPmbrwoeiA-xkQ-ItzNGXA9EBQGxmmwIqpp5z4ucLtvUljScSfRbdmPAuy3H2HpFop5PQolfHkqBwETXniLrqPBcRjHsPErGdkufnwtoDENHMicXDFuWxWHhSNvABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY17L4s8jXgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_1DRTdyh8QQ1MzwJmJ5JF11WrpJL0MaTgpde-PbB_1fDMJZ6_F0wFFzbVOsYP_sFs9Dyf5ZhLkhgB%26sig%3DAOD64_0vzobINxBINNdRBAReDYHQNR2bDg%26client%3Dca-pub-9427080467518642%26dbm_c%3DAKAmf-CoVahYEulHijd7vhJcORggLnnNKVtkakrm3dr4Sl-55toIe_9SPULhYKrv0HBqlqnK3zajv89o7rtof8Jk-hzDRnfH15mdWV33xIRbQKNyx1mHhcDefuH7kJPoVvo7mcLFc6uyYtfEcNVvzv4Yj6u6G6g7ILdHHnQDabPgrX8tbguh1gg%26cry%3D1%26dbm_d%3DAKAmf-Dnf_sVOzLrK_vSePJtU5w23sPGfUM6xBUuTPlT9r5Q4o2CO544FXLSSGnzBXQSOpNfceV7i31knARjeNNk4aXzZAk-PT0ysS7QmQhrZTVKmp8gugBAfqPE1hLjnHwWTrtzjWtmiNy1tL1UOTSgL93RnGub2ZqZ-r6-yPpBx-M2bd2QG_hda2YqKQ9nYoWoQ7XTfKM5WMM-O4f9mQtPh8ChqlPD5hQz7TBv7fO3KAGHlKgaCskxFI8Tlq9c_UXMChcprufqF22H2uv3nUZkj7GQwUpv2Fd1T74b_NX8AAkMJ_X0jvxfbBMbS-LuXLnOAd1BDlfm8uprgbLKq2Kq3kjNII21ZdInfwlm4vC1M7LwAm-FBBIxAWp_KKws5UIlaxc9-P7S2Rtd-Lzui2_3A8O82PITWLqcSRGQFH6HgbR6jAVWUBrrZcZQF1DFRRjmvvqd2iAPcxdMX9sBcgIczaIJYNkjbi_-1vxdYKy5sYapqimp9vuP-eMHj8YR2381hJG6b3q1_8Fwoa6pAKkdfqGob2eJdZU59CudYkLg48Xo_oRaNc0sP-d4JUG6XTJV9VnNmus6%26adurl%3D&documentReferer=https%3A%2F%2Fwww.xyg688.com%2F&ancestorOrigins=https%3A%2F%2Fwww.xyg688.com&random=5164719998009&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D29 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E28E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
542b8ff0e463bf2d503a7d89ad622203c183e283f65c7bdba6852ac162dde20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 1E77 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:27:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 1E77 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1E77 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1E77 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 3B2A 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:28:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 3B2A 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3B2A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3B2A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 5343 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:27:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 5343 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5343 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 5343 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965
adservice.google.com/ddm/fls/z/ Frame 570A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPzG07TI14MDFVJUkQUdIK4C_w;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7632676723168.965?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792
adservice.google.com/ddm/fls/z/ Frame 1DC9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKfI07TI14MDFfxmkQUdehkMdg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7038543047661.792?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248
adservice.google.com/ddm/fls/z/ Frame EEAD 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKDM07TI14MDFfBGkQUdykoOog;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6121043655601.248?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 836E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0070 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38a8556484f3648842738a8e86d05029a6c214a3c9f47d1b84e8a0a9c312ec98

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame 7C8D 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
223a08c52b5f7266e2712c4c8636c5d607788790581f42eee2c952bc5d89bec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64568
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
gtm.js
www.googletagmanager.com/ Frame 1E9E 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
223a08c52b5f7266e2712c4c8636c5d607788790581f42eee2c952bc5d89bec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64568
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
css
fonts.googleapis.com/ Frame 9583 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900020.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:25:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 9583 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900020.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9583 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900020.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9583 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900020.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
gtm.js
www.googletagmanager.com/ Frame FF9A 		177 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02da239007363b3e1e1b52390522edc388860cbaf261cff952a0962f5488807e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64628
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
gtm.js
www.googletagmanager.com/ Frame ACE7 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
223a08c52b5f7266e2712c4c8636c5d607788790581f42eee2c952bc5d89bec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64568
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553
adservice.google.com/ddm/fls/z/ Frame A187 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CNLk27TI14MDFZ9IkQUd7CcLgQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3129432115066.1553?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8358 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskEIwtrsNRGEll2DbdLEMZMgRyj1uUGky8LdvDIm4_3vx_7q7zimU8Nkr-C-vgUBij0dsAjeylKhH3lsZv25ppiXkPIgOX3XhZq2WbpsyZMoOLRh6E0oaDU15JjpsR3xU9_CydWF9i_Yj_38L51SyKNoHh&sai=AMfl-YQuq6Kumpen85EZHFcjP2RSI4fi7q1OTCC8gEq8Yv8DmsmPAGLhc-4qY-adlo1PQtHaV6BwM1qpb7mAlaeNNsUUlE14RaJUzRdQiaUaB2FK2u3lVaPmm7_uwQEAKrMGUfRli4plZDrVHhmmS8-M&sig=Cg0ArKJSzAYh2veCRwD7EAE&cid=CAQSTgAvHhf_EqbliTWHQBd0NTT12cBJ8RZOZBlBprz4WM5GJ9xl15ZEqI-acQcRfpv6746A46xJTbZ10f1YqNVV0Tv_tHgkymOR_8xkRW7FERgB&id=lidar2&mcvt=1201&p=0,0,90,728&mtos=755,1201,1201,1201,1201&tos=755,446,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705052733570&rpt=513&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame F5CD 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
905af8976eb4169ae69ec5374f055f9ceb3163b725d78f338672685032d1399c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64570
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
gtm.js
www.googletagmanager.com/ Frame CF58 		177 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60d0c81dd8166c8403d2be8c4d05e4d7ec8096b09a31158c190ff87ce2f79a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64566
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Jan 2024 09:45:35 GMT
activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022
8019191.fls.doubleclick.net/ Frame F25A
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022?
392 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
c9434853ff422675b8a69bedc7ccdb98846905e2c55dc6fbf7e6ff789de9bf19
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:35 GMT
expires
Fri, 12 Jan 2024 09:45:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900012.redintelligence.net/ Frame 1CEA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
27fa5b8980dbe579b415fa8ad6709de23394121baed3f9e8fff08926b4fceb3a

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2086
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:35 GMT
Expires
Fri, 12 Jan 2024 09:45:35 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9304 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FAD6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6dcbc985c03afa96ee7bd1821d16bf443ffdb015dbad74065fcfa6066107a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 9FF5 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMOTs5o-z2Cfmgx_KBAbQmY&google_cver=1&google_push=AXcoOmQDP2qNdtsP33M-8I23HOooWZ9HwCN4IZYZftMdQivSq2ANRCC64o_k083qdF3M5oaOi2SAmlpE3wPveaDfukK5urq3CCyYtA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9FF5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENS0-vzco13RKcSAJarkdM8&google_cver=1&google_push=AXcoOmSl1V6Tm5b00u4s1dfhFaLPDzgTrV6DzTBJsDkkygt32s6BsZWADBO4FTmpa9Hbqq7YOzRlPYZ4gXHtRxOr8pobo8DNePA6Mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 9FF5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECQrpBknXEmmuC8uukJ-lHI&google_cver=1&google_push=AXcoOmTRrM3jrwtlW_RkdD4yuL1MXMY3TPn_auHNjEwxaDEmvVTTsFANs5jhVohl3qHQFiujnvJQMznOT6mQrbSRSuLfBcPvcfsZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9FF5
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESENThf3IEVcFPelBmnijUd5M&google_cver=1&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw&google_hm=Q0FFU0VOVGhmM0lFVmN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw&google_hm=Q0FFU0VOVGhmM0lFVmNGUGVsQm1uaWpVZDVN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmQfw939gO_gMrrG1Jl4pa2S9uVIsLvGOSZxbtgrqGNeppiFFws76OYZMd2XUqJLd4MNB7-GPC808ugUVm8N662p2Ruf7kyoJw&google_hm=Q0FFU0VOVGhmM0lFVmNGUGVsQm1uaWpVZDVN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FF5
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrbactn_x79MVK9pw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrbactn_x79MVK9pw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmR4hGhlKriPvch6udw6Wm0OYcFhhDboimjc7T2FGICMG_dkdRO-OzrALwd59h4HOWQKa5q6SWgjbhUxKLrbactn_x79MVK9pw
x-host
tde-deliveryengine-production-5db7bf8975-tllms
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9FF5
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTiPU_U...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmTiPU_U...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTIwOTQ1MzUwMDAxMjIyMzgwNTc1Mw%3D%3D&google_push=AXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5E...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTIwOTQ1MzUwMDAxMjIyMzgwNTc1Mw%3D%3D&google_push=AXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5ErevxeEJ-TXkqGuZgnATp7BasfmMJkMWQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyNDAxMTIwOTQ1MzUwMDAxMjIyMzgwNTc1Mw%3D%3D&google_push=AXcoOmTiPU_Ug3tk5xV94_NaeFJRo7hWOnkY-8dhHDeEmnC8viN4wiJ-YWs5TFAFQWtP5ErevxeEJ-TXkqGuZgnATp7BasfmMJkMWQ
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Fri, 12 Jan 2024 09:45:35 GMT
pixel
cm.g.doubleclick.net/ Frame 9FF5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8I8vtLrug1WcTWGy1Vwlk&google_cver=1&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1OTftH_w&google_hm=eS1YekxQRGtCRTJwR25h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1OTftH_w&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ-hTqxecJTutzj0iLMhRlBkd3gUnkdr9ulsNwwAbXT07Hm1Km2kkvcE1HYoJVucVGw0NYcYMQ7vh9WCDUKJuoNJK1OTftH_w&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9FF5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQ96-kp7JFZoOjqwYRoh2Pa5ejGWS6JGJPUOUWWBmK0d2aydaHaAb89BzZ_Je6vHYoEimv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900012.redintelligence.net/ Frame 1E77 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=60991600051962904445006012567012&a=73757ee0&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=60991600051962904445006012567012&a=7e553510
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pvClk.min.js
analytics.webgains.io/ Frame C2F6 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=60991600051962904445006012567012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
4ZLDEXuDPoWSaodF-Y0qLlYdhHZhFoICMxif17S7PZjvTEOWD30sPg==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame C2F6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705053034&Signature=msqsfVkGhpVvEn6AMLzd~sErnsuWoxpnEE1UZiE~e~-AhFi7scSVO5W6x65YEnzutldwehIk~Ih71ScmVp42VhZCLKroSNWlWfjTDGaKYxCFGYmZA5kXxrBi0cQMKZf9Ie0dsqKDl0D~Bi1r~RveYlji6V5ZKIDyMjo7tObKjj99~3RBz~71hA0i3rRFV-7mjyW8hohUFSd1Xkq7Rm1xkXw1h5WnaxXNX9~FlmEZdTXzFdM~yYN7o27IRgZijBv9oINda~5SHR~EkAd-cWBy-MU6Xq6FjLAiUTXVJjHJ-pxN3miLCkkPyaq0X~fs3-MBqtAQfZIV3bXXlht2ZspAGg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 09:14:47 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1849
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
ATNE-G1YTRq97mw6tMiN2miz7kq3y77sI7IfxTwLh0YI1iO-p__zfg==
pvClk.min.js
analytics.webgains.io/ Frame E28E 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=67976600054213904445006012567009&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TxZFS5I0uReX_8Q1mI5OuQLHXO1F5ylVU5-Ul8hkOKMvpWmAw8zKkQ==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame E28E 		85 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1705053034&Signature=Cz5bT9~G88TpdH2C94IfRPsU2t7bW3Nl7hW66dPAh7MGIBS32fd9eJV2HRJsImkvBu~xKmOPMoSiJWIpyAYlygtCLtRTRPxalKIjVGJcVMz0P6K~rVexFs87bfzz0D79Mji3jvCesqn0GpKQda1MFM7xNuqedM4xU2MbbSHCS7z8SEApcokdhg8RneTAl~w6OUliyIeonxnbdRkUZfYk0nKaMYcOe0jv2FOQpcVtQ10xaVE~reh8F1jvxXuqK~OPFZfhq5j77WoyZ8kVSg9Or~mEc~eyAitfRfLrWc~YE7bsh8J6Gf9lUVbzG8D8vMnV5Eqkqk98Jm1z-iljT9zdFg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 06:28:33 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
11826
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
pO9CBQQt6ivrc30uVZgzbWu-audc1yUuadYSO-MtaTFchCDH7lFFuQ==
pvClk.min.js
analytics.webgains.io/ Frame 98AB 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=94138800052462604444994012567006&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pnS8atSJn3aBAks5_dMai-rhFNYupqmwOy-A0MZoQB1w1Qs8loQ3jw==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 98AB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1705053034&Signature=A39gMEVnH2Gv9pkyt863N9q2oFHcwBWOeiFSZCOCbhD74xbhcuxu2CbztQKC5fzk-yJvThNmdlO5TAkN3x5F3NPxH32ZNx21vblNo09JvZtE6HsAIWNPpc6XB4U7t9j043FqTT~TLi4PxYKXHgEixBDl32HHIJgJnFLEI7lmp1cBtrZFELYypxGOBC27Rp7EP6Fo807l~PxElmWUvvSigxliHPNP9Uz1IMjO~0vb7vyZkESyJnfHdQ-Te~r3AM6s3unddJuiAo8qNaYRS5FQMJFQ0LglaRFl2zzZKZpKa4GhogpkEfYGZJA4EWVLu7YF~kAd2K6JFTGtsDJbUCM4Ag__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=280&adk=719996608&adf=992362533&pi=t.aa~a.489435960~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=340x280&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90&nras=5&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1150&ady=2229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 06:28:30 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
11826
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
8_e5ABOJKwKC1m7nSVYV0v5fRPHXZ6PxDKmJiU-rKJ4xnKDbMjUw-g==
pvClk.min.js
analytics.webgains.io/ Frame FAD6 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=69768200051962804445006012567012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pOosEA6HZWpHCp7-o2kCtwaRnfcjZj0GUUpP6b5tE0S-RBsMc0-mWA==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame FAD6 		85 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1705053034&Signature=Cz5bT9~G88TpdH2C94IfRPsU2t7bW3Nl7hW66dPAh7MGIBS32fd9eJV2HRJsImkvBu~xKmOPMoSiJWIpyAYlygtCLtRTRPxalKIjVGJcVMz0P6K~rVexFs87bfzz0D79Mji3jvCesqn0GpKQda1MFM7xNuqedM4xU2MbbSHCS7z8SEApcokdhg8RneTAl~w6OUliyIeonxnbdRkUZfYk0nKaMYcOe0jv2FOQpcVtQ10xaVE~reh8F1jvxXuqK~OPFZfhq5j77WoyZ8kVSg9Or~mEc~eyAitfRfLrWc~YE7bsh8J6Gf9lUVbzG8D8vMnV5Eqkqk98Jm1z-iljT9zdFg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=69768200051962804445006012567012&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 06:28:33 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
11826
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
U5fk2PP0tm7up0HZt8M6282I5mszCVmYVn3d0OgmYvIJCAN1Sd75bg==
viewability
hal90009.redintelligence.net/ Frame 3B2A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=67976600054213904445006012567009&a=401df6cb&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=67976600054213904445006012567009&a=cb354e7c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0A92
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1&google_push=AXcoOmRyH9OUHPNUX9phLPaQ2O2326WpR_CqkXest7SjbDRQntnqyou_SM-Apr1L9cvOoHeDPj7chshuQSrO-XSgkSOYKYh8Xy5JZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODk0ODg1NDk3MDk0MzQ1NjUxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKIFC9PULhz1Gck5YSexS4I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0A92 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENS0-vzco13RKcSAJarkdM8&google_cver=1&google_push=AXcoOmTTWa59lO8FObLia_ejX2-Y_eCA84ZISdC3vFQ9uAAG4a31OGBIQMfGRkiLt5wTA0HS6kCzP_Ydvgry5UhzMJDPv0SQ2vHXM_HKvRlZM8hNlPJDF-XryR2mAznKPrkWRg-ZweWPpl5uW25tfr0WxmZh92k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 0A92
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFvwlkR24EniGj-b-fzdi3A&google_cver=1&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrICECdUt5aiDKrnw_...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrICECdUt5aiDKrnw_Q-T1XroK3OFqwrafLbqWae_ORQmg8mPsroIqVybIAph6kcUXdfzNbdig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmQKxneerT_ylWrqgyEALQJEzuMawrb29clblk_x7Qrwqcnwb8RkxQCrYD26VMdLTLoohl6DguRWIs90ZrICECdUt5aiDKrnw_Q-T1XroK3OFqwrafLbqWae_ORQmg8mPsroIqVybIAph6kcUXdfzNbdig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 09:45:35 GMT
google
match.adsrvr.org/track/cmf/ Frame 0A92 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECQrpBknXEmmuC8uukJ-lHI&google_cver=1&google_push=AXcoOmQqSWquTHf1Lfj-l-nThDHqdE2BhpqZjFuqaWsPS4f0_vK_w0rlOzaLshEkelJ-I8Cxn6_HO-AagNR8pIpLjiy4JRplN3I-nJqf0z6QfzV-w6h-Hf9vY-2lO-umYtRu9LWdoJIMEztAT1qquaAgTBnlQxE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0A92
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ssHqfHHtQ04IL4tP-ZRuNQ&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q2oxiH_ZU_GQj5rG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ssHqfHHtQ04IL4tP-ZRuNQ&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q2oxiH_ZU_GQj5rGfqNR0rWxz9FSWnSwfwni5BM9aGcbVO3Qg01dZNyUwD6ZNI1cntB0Lyw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ssHqfHHtQ04IL4tP-ZRuNQ&google_push=AXcoOmRUsQdcYf1YyaxHqTwyMkVeKlwTY-igipr9qbo2TP0wtijMM4reuaoPyQjBYjInrNndTl3eyMtvh8P6W39q2oxiH_ZU_GQj5rGfqNR0rWxz9FSWnSwfwni5BM9aGcbVO3Qg01dZNyUwD6ZNI1cntB0Lyw
x-host
tde-deliveryengine-production-5db7bf8975-gw9d4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 0A92 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMZ50rPOZiKC9VIZS9zGOs0&google_cver=1&google_push=AXcoOmSdpyhU4mxYEAEIy6IchCpIecp6fGHizEUKnT6IG7up2l9ulaXjSyIBYxohJJx1zRfLzfdLkNjMSDylUz6gbe1kr8T2WGEkD0loS-jD0coAA7AA4B53FJ0rD5gCi2QU9P20QYMy6D2MMi3ynjNm9bi4Pg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.81.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-81-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0A92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXF...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAwNzg2OTQ5NTc3MDA0NjE3Mg&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAwNzg2OTQ5NTc3MDA0NjE3Mg&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vYNEjk_qcGthftmyHcBsLGzRTafK8QVtILBYki5GWgvAZM0pmCd4GsiL3EzZ_oOpP2QToFBN6ddal3PCs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAwNzg2OTQ5NTc3MDA0NjE3Mg&google_push=AXcoOmSev3nvOaEvjYqz_FZmGrT8aEZvBHxWUIMWmai2tFNIYiDO5jNEiwRqlTakXhvOrILmoXFUx3vYNEjk_qcGthftmyHcBsLGzRTafK8QVtILBYki5GWgvAZM0pmCd4GsiL3EzZ_oOpP2QToFBN6ddal3PCs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0A92 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwuxZfGdHQK9coWhVsaGV6xBaA19orQuP_E7YztfXHoigdfVP0WmmFpTsNIgbLIjB_lORr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=297181252&pi=t.aa~a.2021479809~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90%2C980x90&nras=8&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3795&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
v2.ui2.close2.png
www.xyg688.com/wp-content/plugins/wechat-social-login/assets/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/image/v2.ui2.close2.png
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css?ver=1.3.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1269148eba5c47ce07d332a181a33bf6c78f7e09ec1bb598c6e0c648070f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css?ver=1.3.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
165743
alt-svc
h3=":443"; ma=86400
content-length
1182
last-modified
Thu, 16 Dec 2021 07:37:42 GMT
server
cloudflare
etag
"61baecc6-49e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tjj01sUBVdDw7L%2B1458AsODJXVa0TYxQscGVaSmOVv8lAOfI62b1LNKbki1%2BKQKihbo9r1n1gfw9G1hRyE%2BI5B5L7zimiKI05JxIcCSoYbAaxNac3RaZRycwVunaObInX2y5VGUumiJzaAHvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
844477acac573625-FRA
expires
Fri, 09 Feb 2024 11:43:12 GMT
viewability
hal90006.redintelligence.net/ Frame 5343 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=94138800052462604444994012567006&a=555f0adb&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90006.redintelligence.net/request_content.php?s=94138800052462604444994012567006&a=5a6741b4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
pvClk.min.js
analytics.webgains.io/ Frame 0070 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=37792900051150604445006012567020&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ObKnrp93sJZ6srCl8IZK-F6y0gnwAUCGWUKH1fp2NV4KNs6GtakB_A==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 0070 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705053034&Signature=msqsfVkGhpVvEn6AMLzd~sErnsuWoxpnEE1UZiE~e~-AhFi7scSVO5W6x65YEnzutldwehIk~Ih71ScmVp42VhZCLKroSNWlWfjTDGaKYxCFGYmZA5kXxrBi0cQMKZf9Ie0dsqKDl0D~Bi1r~RveYlji6V5ZKIDyMjo7tObKjj99~3RBz~71hA0i3rRFV-7mjyW8hohUFSd1Xkq7Rm1xkXw1h5WnaxXNX9~FlmEZdTXzFdM~yYN7o27IRgZijBv9oINda~5SHR~EkAd-cWBy-MU6Xq6FjLAiUTXVJjHJ-pxN3miLCkkPyaq0X~fs3-MBqtAQfZIV3bXXlht2ZspAGg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=37792900051150604445006012567020&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 09:14:47 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1849
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
T9pYF975E0REIZRgXf7i0oMWMMgnepDzeRNChW1bC_rj7ElDoWP0ig==
pvClk.min.js
analytics.webgains.io/ Frame C9B4 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=89152800055145804445006012567022&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:24:12 GMT
content-encoding
gzip
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 16:01:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
62484
etag
W/"1885e2f5560c2347761a6db4984ea717"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
DmeQevTYnTTDaqOKa4VJIJ2m5t3TS7tNrvIKCbJzLpxja7_IT_hM-Q==
1x1_0.png
cdn.track.production.webgains.team/7121/ Frame C9B4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705053034&Signature=msqsfVkGhpVvEn6AMLzd~sErnsuWoxpnEE1UZiE~e~-AhFi7scSVO5W6x65YEnzutldwehIk~Ih71ScmVp42VhZCLKroSNWlWfjTDGaKYxCFGYmZA5kXxrBi0cQMKZf9Ie0dsqKDl0D~Bi1r~RveYlji6V5ZKIDyMjo7tObKjj99~3RBz~71hA0i3rRFV-7mjyW8hohUFSd1Xkq7Rm1xkXw1h5WnaxXNX9~FlmEZdTXzFdM~yYN7o27IRgZijBv9oINda~5SHR~EkAd-cWBy-MU6Xq6FjLAiUTXVJjHJ-pxN3miLCkkPyaq0X~fs3-MBqtAQfZIV3bXXlht2ZspAGg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=89152800055145804445006012567022&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-52.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 12 Jan 2024 09:14:47 GMT
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1849
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
0cfiNtzNT3zE00IvTOhNDwGA88IWCFivexTaFS-8aAhcPhoVVSMxng==
pixel
cm.g.doubleclick.net/ Frame 9D29
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMOTs5o-z2Cfmgx_KBAbQmY&google_cver=1&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9o...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9oSZT3NC4ipA8qMMcipMHWKn_Fdn1SE3jBlkxrCdCmcPls3DWQQQ-4Zn5XH7XB5EQoE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9oSZT3NC4ipA8qMMcipMHWKn_Fdn1SE3jBlkxrCdCmcPls3DWQQQ-4Zn5XH7XB5EQoELxIIF5dCF1l3RuEL94aXreWb11qRUOW9I_5I&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSHuf6DmSC3fOptCl360yuQyymbrR8QQky9ElWP4KF66vd-2UUq9oSZT3NC4ipA8qMMcipMHWKn_Fdn1SE3jBlkxrCdCmcPls3DWQQQ-4Zn5XH7XB5EQoELxIIF5dCF1l3RuEL94aXreWb11qRUOW9I_5I&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9D29 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENS0-vzco13RKcSAJarkdM8&google_cver=1&google_push=AXcoOmQJqsyPx6B7KET09IgsEhTKY6d4eg6BwNr2bURN-pKtSV1tWg8VAnU0LDKGuNSSleFHX6-JsqDJHDiyujtJh8WftjGH40hNXUy9ThGycsZyHzsxdiQGegu-lweVPXqoTPBm4gZhmYcAz6fuoCyQr_Ld6hQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9D29
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0RzZWpuWUcxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Uf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0RzZWpuWUcxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Ufms1B_QfpCJOuTZp_RkGsrLbFLGwE6d_Ri9312bFAo_P6UzUyt_tXDhk6AsPzjSWIJHDMCrFqb9QgCdOLHbNW3CCogh-jO3_0IvI9yvkJ5cZ84VCk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=c0RzZWpuWUcxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT7u-vhQHCJ_dIc88fX8g9cMFNOTdNnw3Dw_6Fr-Ufms1B_QfpCJOuTZp_RkGsrLbFLGwE6d_Ri9312bFAo_P6UzUyt_tXDhk6AsPzjSWIJHDMCrFqb9QgCdOLHbNW3CCogh-jO3_0IvI9yvkJ5cZ84VCk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9D29
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmSv_dgIq-ZPToMJTRc3EuhDjkPBjq2w-4cOoV_HotPW4oVs2Cli2H...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmSv_dgIq-ZPToMJTRc3EuhDjkPBjq2w-4cOoV_HotPW4oVs2Cli2HyYDSCGzKmu5MJ6p9uJsqQa-29GUcdipFhCuzdI1BaMQ2cc71D9bo2EKN4TpgB66koXu_QrjVpmSSLGsCKwmRAiF84d0i5Ah44i0Dc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230029-FRA
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705052736.638942,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmSv_dgIq-ZPToMJTRc3EuhDjkPBjq2w-4cOoV_HotPW4oVs2Cli2HyYDSCGzKmu5MJ6p9uJsqQa-29GUcdipFhCuzdI1BaMQ2cc71D9bo2EKN4TpgB66koXu_QrjVpmSSLGsCKwmRAiF84d0i5Ah44i0Dc
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9D29
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPDHHQLWJ2LWL5TCD_3JXcU&google_cver=1&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9n...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9nmcWBUJSqxqTLJTd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9nmcWBUJSqxqTLJTdGvqlM6B0iOTaYoqqXAJ3YanVfXBzr_9bZvbeUQgRjuAbL3mb_07JWDus
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Tc_E6AEmQtwIGi_Qiy8Gtw&google_push=AXcoOmQaTZqQG-ByqIp2qhm4ZMXYQ8AArdnm7jmV40HNQQzLu8X-CnnHSwyCWpapgkeoMdnDrSsypCVBk8ZYDu9nmcWBUJSqxqTLJTdGvqlM6B0iOTaYoqqXAJ3YanVfXBzr_9bZvbeUQgRjuAbL3mb_07JWDus
x-host
tde-deliveryengine-production-5db7bf8975-tllms
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9D29
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7XC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7XC5k4lkOVUABmEGIEFDBLSpo079bQ3HqErtJt5RpeU_DStrG4jS4u5NFIaXhc0NKZ4eBXOKlukosOSaz0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmTbbvbhEj4nnxRlYmxU44sFvApz1Tn7J0KJTq6Ugy1LLlnBcvAk8lh3TXe91O5wqXE5WV6Gs7XC5k4lkOVUABmEGIEFDBLSpo079bQ3HqErtJt5RpeU_DStrG4jS4u5NFIaXhc0NKZ4eBXOKlukosOSaz0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 9D29
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsA...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSO_odGm_iLIxbvtEeLJfRVL-bn64Y4Can2r81VntipqNjLQUlMBMPWisRm0Eo_smRr2WTiQjsWlk00PwminRHJ4Gzq-3DqdEaMqxANkTbPRH5Jb...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 09:45:36 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9D29 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILTZxTlea3YDT3pJkRMjA5ADw6hcpi7JEKANAOHkFeNnecQzBf_hK3PDJORepb7qMfAgZ9ww
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2121492244~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90&nras=4&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900020.redintelligence.net/ Frame 9583 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900020.redintelligence.net/viewability?s=37792900051150604445006012567020&a=abf231da&vb=m
Requested by
Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.52.63.178.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900020.redintelligence.net/request_content.php?s=37792900051150604445006012567020&a=a7371f98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ Frame 1CEA 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:34:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 1CEA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1CEA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 1CEA 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022
adservice.google.com/ddm/fls/z/ Frame F25A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CI7g9rTI14MDFehRkQUdznIEpA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2832725755036.8022?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 836E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5WO8IDSY9RuivNlWo64aYDNEPXCZtYTObwDNXAiftqlpPQP81oEZWY9Tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:34 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmS5ioPeU1vdPbT2SKhTLNDMvUk-SjERNrc9RBZnRL5WO8IDSY9RuivNlWo64aYDNEPXCZtYTObwDNXAiftqlpPQP81oEZWY9Tg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 836E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844477af6a849137-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
388
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRtL9t2JUKhssqnzwj9D6UkoY2rjy-drSMc_cn7Va89TvsTLTKZRKzL4KE3k62zpk-b2FE7tXJ7jvDTkJWczFqi01sYvz1Ge0Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844477ae29289137-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 836E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmQxWSYQLvbUu46i1MssfnN63N2XvTl10ubJh2umdhdZeWcCsxakqC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmQxWSYQLvbUu46i1MssfnN63N2XvTl10ubJh2umdhdZeWcCsxakqCHoaK1ZzOPNkrWMwzczlXweewitAiYno1hVQRvb-P-Ip60q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230029-FRA
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705052736.657953,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_push=AXcoOmQxWSYQLvbUu46i1MssfnN63N2XvTl10ubJh2umdhdZeWcCsxakqCHoaK1ZzOPNkrWMwzczlXweewitAiYno1hVQRvb-P-Ip60q
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 836E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN8I8vtLrug1WcTWGy1Vwlk&google_cver=1&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0xZ7C9DiSe&google_hm=eS1YekxQRGtCRTJwR2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0xZ7C9DiSe&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT8ApXp_b3V2puFDrPyP9AnF08zy4KZUj__FT-1Im79OrPjlcsbfaAo969MoOUd6souccnPwNhM6usqYNPBv8APMX0xZ7C9DiSe&google_hm=eS1YekxQRGtCRTJwR25hVjVYa1UyN19VU25ldEM0cHRhZX5B
content-length
0
usersync.aspx
dis.criteo.com/dis/ Frame 836E 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTvajtGz1tV648v9oDI6gaU6TkpvE4Ii110ROTrc4ZriPjsuxsoUALQeUVPauyihapc9Db2b72ARwXiYbuALl-PGQRBJa7OkRTu&google_gid=CAESEMy1oyVg7z1wsGz14I4o-g4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
276095
expires
Fri, 12 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 836E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAWoygpstsFcGofJDnjlIbI&google_cver=1&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6jz4o2olhK9NCIaA5USqf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6jz4o2olhK9NCIaA5USqf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZTJ2FDmyYLL611ylDUuC6baQl0YmNUEf9i-4s48hutvVkTXuaHiC6GzqCRXInRdhTmelhIMzNruI6jz4o2olhK9NCIaA5USqf
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 836E
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEG973aGDucAw8BcBa-PWWsg&google_cver=1&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8sY95MbFUz3wCgiIlVHEZfgZtw463YOohlBHELt&google_hm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8sY95MbFUz3wCgiIlVHEZfgZtw463YOohlBHELt&google_hm=uJTaA7UKRUyDm-d1ZKTwO_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:34 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ-Gt6TL3ntWPfQ9OyDYp7s7akj6wHmJAf74gQf4aXhMCMqT9RaeEgcyw4xw8sY95MbFUz3wCgiIlVHEZfgZtw463YOohlBHELt&google_hm=uJTaA7UKRUyDm-d1ZKTwO_Q
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 836E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KmMP4k_aoSl0L6ZhGXurif1vnQL9cw89Sk9RGcXaxXQ4pnzAo75NMH446dLkjpRW2LZQUE4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=2796784449&pi=t.aa~a.2021473975~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280&nras=6&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443
8019191.fls.doubleclick.net/ Frame 82E3
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443?
391 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
46c8637bc23996db5a18c8e2c9a8540d7343b4d57cf568ae74731baf904df88a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:35 GMT
expires
Fri, 12 Jan 2024 09:45:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900022.redintelligence.net/ Frame 9D51 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
da7749537e21a5e2f61346a8fac6365d39f697499c20f0b10e23aee8e4577d90

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2098
Content-Type
text/html; charset=utf-8
Date
Fri, 12 Jan 2024 09:45:35 GMT
Expires
Fri, 12 Jan 2024 09:45:35 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D88 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:13:30 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:13:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C9B4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6f18995ff83f0c775af298638790fe4aec4b2f7159b691c88fe8a6628b46e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
images.weserv.nl/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1747760%2Fheader.jpg%3Ft%3D1704960751
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce3320e655c6a7aa54ed20fd84227741eb4e17a426d4b5169224db2038f8e1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
40783
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
20298
last-modified
Fri, 12 Jan 2024 07:29:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdpBhHEkGRFmkv3hLKckw1%2FHy3kSJBVOzvG1LcT6TmBJ0wwyY0R5rZIraipXZl935MT%2F9ENcAbmnRMQLV%2F%2BbwrMlhqT5eOHLsIMcprAFe1jlKoNzDwAZ8GT1DE0WVt3lL4zFPapABi0Q5%2BPepNIO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1747760/header.jpg?t=1704960751>; rel="canonical"
cf-ray
844477ae6ba30e32-AMS
expires
Sat, 11 Jan 2025 07:29:38 GMT
/
images.weserv.nl/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F2021210%2Fheader_schinese.jpg%3Ft%3D1704967215
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430a4ae88e92ac8a9085fc0a389c82bc0920a090d8bd1a97a12a30400f2453ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
69136
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
37116
last-modified
Fri, 12 Jan 2024 07:16:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPmtH7AN72esFC7PbVH6uQpJQLw1gj3VzZj6f7jpmcv7cal%2BZSiIj3ua6r4xithNaZnEdCt%2F9zY5julgIqChVu8Y6VrROLb0d2KqG7PPon3TtZRZtbHY9nGokEsVhA%2FQlWn0DKwXUHNyWcuLw1mu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/2021210/header_schinese.jpg?t=1704967215>; rel="canonical"
cf-ray
844477ae7bae0e32-AMS
expires
Sat, 11 Jan 2025 07:16:28 GMT
/
images.weserv.nl/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F544330%2Fheader.jpg%3Ft%3D1702388374
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a17d91c798b3201676f4ddcd77c19f19d24da108f7008e000f412ad09defc13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
68787
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
35068
last-modified
Fri, 12 Jan 2024 06:50:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL0tTHmxFiIQwIk87ZURKGgXATM41VONKZERZosNbiS77wkedV1mqtcKxdecpTMgaj86FIW1%2FAhI9tu7MPTPBLBlTp9IPgVGreUak2fJynMJ1tjVaaOz2lsfgAG6YcoX%2Bebdax%2FUYZHGZ0DqfaRw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/544330/header.jpg?t=1702388374>; rel="canonical"
cf-ray
844477ae7bb00e32-AMS
expires
Sat, 11 Jan 2025 06:50:50 GMT
/
images.weserv.nl/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F867210%2Fheader_schinese.jpg%3Ft%3D1652363731
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0d49a0c8020243b950a7a2b3dda93bda5a8face785594b9851596de30906a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
269003
x-cache-status
EXPIRED
x-upstream-response-length
50447
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
29260
last-modified
Sun, 07 Jan 2024 03:57:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ3Koz7yNfXc0WncdnVd%2FESh3zzOZ0PUsP3dWgNv%2BU9%2F0OQELHa4NVOkNhXppbTla1sv3jajwPgOeaLgGjrN%2Bhog0e1Azp99zeAi3rfrK0TD1kGwWgyZ4%2FJpXUd6%2B8lQP9xCDmqz9wiHGNFae2uu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/867210/header_schinese.jpg?t=1652363731>; rel="canonical"
cf-ray
844477ae7bb30e32-AMS
expires
Mon, 06 Jan 2025 03:57:24 GMT
/
images.weserv.nl/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1687000%2Fheader_schinese.jpg%3Ft%3D1694751012
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deeb6f32005ba298001b70940206a84fff4455f68f54acdbc5d2d7a4a5dcc070
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
39892
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
20661
last-modified
Tue, 02 Jan 2024 20:04:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S73ooVc4A%2BRmGl5KzXRaFktW8HTG%2F2GVHe7u9yKeKuHtiDPwK6Y5Kz0rjo7OFjoxreC%2B5sSdKtD%2FBOtBp1xVXxrhu%2Bt%2BvXTJnQSCYBFfO5tzjYJscFSLEqnCdQYIpYANXih6DZVrkqnn%2FvnnsJo4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1687000/header_schinese.jpg?t=1694751012>; rel="canonical"
cf-ray
844477ae7bb40e32-AMS
expires
Wed, 01 Jan 2025 20:04:40 GMT
/
images.weserv.nl/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F2529170%2Fheader_schinese.jpg%3Ft%3D1704759975
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26d3f0dbe2fd85b28fce405ddf284eb4b12f3ee5f5f611ec764b895fb5fca96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
38352
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
23202
last-modified
Fri, 12 Jan 2024 05:52:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgRDJg9%2B4E0CTJf0%2B2BjaCiAc8KZG%2FduDTqFVnFofcoNFxYa23E%2FbsGEEcgOJJXUKb6gIL%2Ff6z7%2BX5bM2Qid5gN4HfdjqV7sGAKVylWY1I1IvkTVKZ%2FfaXHMcEGlrI4Fp6jiQJvGkRgqn42tlUnh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/2529170/header_schinese.jpg?t=1704759975>; rel="canonical"
cf-ray
844477ae7bb50e32-AMS
expires
Sat, 11 Jan 2025 05:52:34 GMT
/
images.weserv.nl/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F1270580%2Fheader_schinese.jpg%3Ft%3D1704743167
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d105aa92d94614c082f2a8b2b64b088d7be881e29c830c2fc294f926c4884da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
49277
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
26817
last-modified
Fri, 12 Jan 2024 05:26:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q49hjB7FYqbrC75dcr4uUnIwIN%2FIX0oVhtxD1HLSJoSFWoedQBtL6XiPiNIKP3Y30NCZ5kqOGxCEfPrXskQ7PwcdYwQesBXYS%2BphL0ArB9qecd8cjl3xXMlbiERc1%2BMXlxjYM3qE3MrUZiaLVa2n"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1270580/header_schinese.jpg?t=1704743167>; rel="canonical"
cf-ray
844477ae7bb70e32-AMS
expires
Sat, 11 Jan 2025 05:26:24 GMT
/
images.weserv.nl/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https%3A%2F%2Fmedia.st.dl.eccdnx.com%2Fsteam%2Fapps%2F264710%2Fheader_schinese.jpg%3Ft%3D1642457299
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01afc38e153ce6b681fe866f60b7af037d4df296174ee6f5ff41fe9e7ef43e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-images-api
5
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
48789
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400
content-length
24927
last-modified
Wed, 10 Jan 2024 21:35:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx4mFyUsBml1815eL3hy3dhr9oEnPhSSu%2BIdLLtW8HBVOk%2BJlFzGLcvQqHk%2FRpIGR9VKQ0S7p90IMC3fuCQCZCQpN6HUP0qgFw2CUn2xYWOvt%2BTeOUgexOnwwzOVJ1v1Z1RFitrA5L6%2Bhjw26H1J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/264710/header_schinese.jpg?t=1642457299>; rel="canonical"
cf-ray
844477ae7bb80e32-AMS
expires
Thu, 09 Jan 2025 21:35:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1E77 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1E77 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3B2A 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3B2A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90009.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5343 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90006.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5343 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90006.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A384 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByKHoPAqhZcr6C-uetOUPnbWJgAUAAAAAOAHgBAI&bg=!ycqlyoXNAAaumcC-jpk7ADQBe5WfOFq9b68kgm4ihtauZBnvpQ_fI2MNjwM_8gR7ut7D0nxE2CtoAjGyFhFSxp1beKraAgAABJhSAAAACGgBBwoAUTym5vO6l33FMZAOo-GU0Oeuf8rhtJJpOZgsYOEMoRwCSp8F-FkHoWCG7SSqB3LR3YoVm-yqlK-SSN2X3lzg0xjSxJoYd6ubb1BYV4dMuV2iSpkC_6U5912NlTmpsU146LhIWjCTJoTsEIxevPS2AHVRpn1uMj77KbY8WjgUkLrqgaahyqz0oT9fnaDLRV2jQas8dU_nN52PV3OcyYf1dELjbF3Zha3L-GGdpLFPnTNhGntgiGyWLUtcWRASnz9zOIgcou9ODXIoa-4z66QKXUAtux8Ed5KnFZRKmZca1b92xXNXNRMOm-lIA6pad_bq39iTR9Wqu4RlYjyeiNIDmXk3D0neNF_bCzaqXXpqGk3VUrtOeeRTLn-ELxFNUAIplh3BrjnONNBBDt69wadoSxOod0DX6EhFJOHSDAbvsM5KgL3-bChfKwPy5-ulPbBuIYUGh_G4LI6GoLUMnUhswO129FLDARdinELzloKIgPGcbIx2WyyMYFCpgzn-YESLKTrkDEWjNYylJK7tLcQalS-xQdUwAodURaSxgcdDZrOj7L_KseKbdKFt2WNzxG8ZwhTwBj4xDGi-zpXDQOQVf3p3qRFxDRhPrMiWDri14L12MCnhFM4Zx5PAdy7LYqPuodBhZgxPGXBJ--qA9NNaMdj64CaXC2Zz3KtPPf74pJf0RBU7WSJqfXp1ECWggLKcuqQYVbnaM_ZY_o-Iz6bQlhhe5Za8YuaXbNWfh1YUsdDSN08sT7sOx5zmtOrZ-UOD9TVxKRRE2tLWkDnrxE8OdAorfpznm3qgJHHZTQoEDbjY59nJhrk2Ri6MlPYvCr6Vr8XUofzYjAjPapPHrFJjDSXABEED320jcG5WPrhoglpp3wdExyQqqwwdBjH_BPrAREbQZISOHdzpRv-QZf-uwyAeJPhMf2d4jpTxFraaZw5iEXnfSYLJQ-VrDUdna4SsHCtScJjaJlr8cgJWX8A84pBT9dJvHoCvDy2b5vRLjhpFYx4OVjwU2egZD4yFAtS3_q9WD2G4oqLeRfZGYhZAjfck06_kMzwVOZMYNYlM_zpvFHCyz_4FP6w3r1zm2_x-3Qih4rziz8QepB0RvoD6LPwAFZMvQ7B0XHG3FwVBLIdlpYHH
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9304
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMOTs5o-z2Cfmgx_KBAbQmY&google_cver=1&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--J...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--JhFnjnftDOhP0XUPnsL0rRQAYlQZMfsMoaGrt4qf6QZbIo0ovScaACpnAnr8evT1Xe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--JhFnjnftDOhP0XUPnsL0rRQAYlQZMfsMoaGrt4qf6QZbIo0ovScaACpnAnr8evT1XejO_XSDEEoK2uXOMg_IipV-4Kv7H1wXYsfzmc&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSYZQT_ZdeKDAkWDEseRqQtPYY23HQu0XrPmx9f8SWoqrbcUgV--JhFnjnftDOhP0XUPnsL0rRQAYlQZMfsMoaGrt4qf6QZbIo0ovScaACpnAnr8evT1XejO_XSDEEoK2uXOMg_IipV-4Kv7H1wXYsfzmc&google_hm=LIzOFZ0UiDCRaAHxkUL9lg
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9304 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENS0-vzco13RKcSAJarkdM8&google_cver=1&google_push=AXcoOmS3atPJpSXNV9Af7639L2s3gl6HxXjJ9N_GNUdnSC9wf1g__9FvkTN_8RHhP8KPpIZE-wQS8FnsxXed8Jpl0OER9pmOIVxuXMaNBPI1RNCGEJkcvJI-CFrhf2nun3aMHXPYAUDDkgHA9soTFxoC2Xr7xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9304
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT0E6o7QBN6qSiQliUuSweBwC72BzdwFrRyulzhRIZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT0E6o7QBN6qSiQliUuSweBwC72BzdwFrRyulzhRIZz9neGrIsKUVnADfIrY_iVSADg6rPB94hv3P8srvbdX5PxeUZRymY0lFiFZbhrTcA4pThGKb-Q48nQH5XtWTGi8-z2z-io6EBLcneqTvdB_iXFOSY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmT0E6o7QBN6qSiQliUuSweBwC72BzdwFrRyulzhRIZz9neGrIsKUVnADfIrY_iVSADg6rPB94hv3P8srvbdX5PxeUZRymY0lFiFZbhrTcA4pThGKb-Q48nQH5XtWTGi8-z2z-io6EBLcneqTvdB_iXFOSY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9304
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFFS1B3QU43aEo4UkFCSA==&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQ05iKzzKVHD01I2c6k7x9gufYBr1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFFS1B3QU43aEo4UkFCSA==&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQ05iKzzKVHD01I2c6k7x9gufYBr1t8f7oTTH7sRpZY-pXWi9VxpeB3yyL-MQBHgii5rfpl0ge4tpNwRLGDAvgiAhFl1nA2AUo1osS3oTOMYPkQfI1lm18fccK392T2Nq-qsmxRvwcnNGsqzEkDpFG7Xw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230029-FRA
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705052736.945336,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFFS1B3QU43aEo4UkFCSA==&google_gid=CAESEAVkX66rHWQ_3p9VQDdZGy4&google_cver=1&google_push=AXcoOmQ05iKzzKVHD01I2c6k7x9gufYBr1t8f7oTTH7sRpZY-pXWi9VxpeB3yyL-MQBHgii5rfpl0ge4tpNwRLGDAvgiAhFl1nA2AUo1osS3oTOMYPkQfI1lm18fccK392T2Nq-qsmxRvwcnNGsqzEkDpFG7Xw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
x.bidswitch.net/ Frame 9304 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMZ50rPOZiKC9VIZS9zGOs0&google_cver=1&google_push=AXcoOmRnfkZhI6yvD_DCB0wRfmTmDlMjTZPfVh33JnywaGaKO8Q7oGF9BATEBU5zNzxXdgk_3VBu7iC5XlIYyOYWpdx2H2covC7FLN06P4g2eKqvDM8AwZvDjDT21RdPV6D5aCeAeCSS2XQ8kJEUYq9uMJ-lgz0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.81.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-81-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9304
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJNmoDU3oqh5cvmM4J_vPLc&google_cver=1&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s90...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s90lWpmhRQnK1YMRrowIyg3NHEQ1dNQjYlWCtxNqU4EgYfniIoSvNWjcDXnCQjTjorEqwugNoocrAt-PGo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODEzNDU1NzI1NjE5NjM5NjU5OA&google_push=AXcoOmQ2FZHtFGRCD3W3MH_kNHLo-eUwIMZZXV4r1N_7LJJYvkCAl1LE8EtGicgb11Sjc7tmcoJ09s90lWpmhRQnK1YMRrowIyg3NHEQ1dNQjYlWCtxNqU4EgYfniIoSvNWjcDXnCQjTjorEqwugNoocrAt-PGo
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 9304
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsA...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRAeKZXlgRjuuGiTTyggvwxRpWsgSA5OvuQ6iqB_0k-k5K45y9Buy40Cm4necNlhwEZ0VHRHXvd7u3iuy7wDjYtWgtJEC8wZcylrurVqaUwHPNnL...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 09:45:36 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9304 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IpCnCxiW19jlCf5whlEbqE2F5pEXSIA7AdPF5xM1e9rKg0Wf3l-SNa_R5zAMYrV-IKhsMing
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=3213546434&pi=t.aa~a.2021485020~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600&nras=3&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9583 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900020.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9583 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900020.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
js
www.googletagmanager.com/gtag/ Frame FF9A 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23d5215c8f06529f705fa76d830e22ff2034d03f3f2767a8508290aa6de46cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93451
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:35 GMT
css
fonts.googleapis.com/ Frame 9D51 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 09:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 09:30:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 09:45:35 GMT
/
hal9000.redintelligence.net/scale/ Frame 9D51 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16513
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9D51 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16984
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9D51 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.202.48.214 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.214.48.202.116.clients.your-server.de
Software
Apache /
Resource Hash
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:36 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16799
Vary
Accept-Encoding
Content-Type
image/png
js
www.googletagmanager.com/gtag/ Frame 1E9E 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed358459f9e9bf38ffbb3403fadcadb27d9bd8e7284d1856b425b407d61df49d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:36 GMT
js
www.googletagmanager.com/gtag/ Frame 7C8D 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15e78f7990a6799a7e0a145ff4fef77e8a3433c8282988f9452591561c087700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93414
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:36 GMT
viewability
hal900012.redintelligence.net/ Frame 1CEA 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=69768200051962804445006012567012&a=7167a5a0&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=69768200051962804445006012567012&a=03d11a1b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ Frame ACE7 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed358459f9e9bf38ffbb3403fadcadb27d9bd8e7284d1856b425b407d61df49d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:36 GMT
dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443
adservice.google.com/ddm/fls/z/ Frame 82E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=COPVjLXI14MDFRtkkQUdqdYOdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9725548249167.443?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame F5CD 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23d5215c8f06529f705fa76d830e22ff2034d03f3f2767a8508290aa6de46cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93451
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:36 GMT
js
www.googletagmanager.com/gtag/ Frame CF58 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23d5215c8f06529f705fa76d830e22ff2034d03f3f2767a8508290aa6de46cce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93451
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 09:45:36 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 3D88 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENS0-vzco13RKcSAJarkdM8&google_cver=1&google_push=AXcoOmQ7HEgBwBxVx6WOPEp-927l1IAWUBxTZ3o5PjyY8oPCS2ecaVEbx-ECzNvNVjGvauBQFmFldLpIMxWcVYEHnipcn4ooOi8gwSAFUlhEtVLwGSnC5IwHl6-hzMfyDV_klu-xuG7G6lEIlS4Llx7HstrGhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 3D88
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmRCmTW3ZuGKx6_7Nhafvc_Ejs-wPbRBHoLBHZvxO27...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmRCmTW3ZuGKx6_7Nhafvc_Ejs-wPbRBHoLBHZvxO27QHDrvHoH_JTf5fl0Z8z09x1yVP3TlYJXQHElm4Ssk7xhjkj3qcf0zq-iKhtcX9poYGPe-ml95GxUlTh4UVvQ8D8OXDvQCMRoozi-6-82m6fTstGc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 12 Jan 2024 09:45:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a2U0NGtYcGYxUm9lNno1&google_gid=CAESEF0Ebd-7XPMHgR_-LSibv9Y&google_cver=1&google_push=AXcoOmRCmTW3ZuGKx6_7Nhafvc_Ejs-wPbRBHoLBHZvxO27QHDrvHoH_JTf5fl0Z8z09x1yVP3TlYJXQHElm4Ssk7xhjkj3qcf0zq-iKhtcX9poYGPe-ml95GxUlTh4UVvQ8D8OXDvQCMRoozi-6-82m6fTstGc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 3D88 		43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEC3AwKDZ5f4DN2-afdj0_tE&google_cver=1&google_push=AXcoOmRbxocsi0u1ia4CGJwA-KNDDQsmkf-ea1QgXS6Z3OLKEYjN53kPSeSI9zHhcHoitftZQczQCiCblz6cQq_gNZ5F-Ie02pDg4FWBLExk21vaRZY-p4pBPpP-oBUKW-oIheybJw-oSnpdCoe3EjtkzDtQL2c&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRbxocsi0u1ia4CGJwA-KNDDQsmkf-ea1QgXS6Z3OLKEYjN53kPSeSI9zHhcHoitftZQczQCiCblz6cQq_gNZ5F-Ie02pDg4FWBLExk21vaRZY-p4pBPpP-oBUKW-oIheybJw-oSnpdCoe3EjtkzDtQL2c%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
844477b12d119137-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D88
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFvwlkR24EniGj-b-fzdi3A&google_cver=1&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPYS9rjx05jaJchvtF...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPYS9rjx05jaJchvtF1AFulEOUO5PiX58Moa0aKDj8ORFalyK4G-NXy1s6o5AnDglmTCsaG9zM0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 09:45:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5673C5F485DB479B80F364536B67FBB7&google_push=AXcoOmRmqHIWuJPzC3z-N77YXtdla2o9SY29rMUbVxuAvtm9k36Ig34ZxMYw5QLNQvSG9IsBAsCtp8WR2LKsvPYS9rjx05jaJchvtF1AFulEOUO5PiX58Moa0aKDj8ORFalyK4G-NXy1s6o5AnDglmTCsaG9zM0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 11 Jan 2024 09:45:36 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 3D88 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSMJsd9LLrkS9c2g1O8uZDo3QbyU3DPf4UOEmtdhQ43x1j_Zb6nrjI7vvuSjyTgDaEgXlWbG4sh9JYtOankG5IxQnlDveWvKUCgaL9BI533bToXZ_nzahvl4QuTBEZm4keS_VtdoPYrCJW2l31t6gfZ_g&google_gid=CAESEMy1oyVg7z1wsGz14I4o-g4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
311144
expires
Fri, 12 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D88
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAWoygpstsFcGofJDnjlIbI&google_cver=1&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoD...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoDzSrApZc5msuCnM3poUW-qRQmN3ZG8hMfLnZ5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoDzSrApZc5msuCnM3poUW-qRQmN3ZG8hMfLnZ5VnKsZ1s8NlhmjSG4ErRca-f9LB5sI_XaonY6QA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-lwthTw4dhGx_py_LqUD1Gd6IAk05mQ8kDi_u1zcHH5ZT7bMk-9tLbpGOco_T8s38cF8ym5nVNHoDzSrApZc5msuCnM3poUW-qRQmN3ZG8hMfLnZ5VnKsZ1s8NlhmjSG4ErRca-f9LB5sI_XaonY6QA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame 3D88
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEInG0_eE-QsA...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSDs1QfzRl2Mu2NeVaVQxUXajH8FEJinXi7JTmoDUxA-4Q-Xrh6dpE0mMIFbq6Bz3NJYYGjgPsUinDfnvSLpq8uyPZMqkxijsBjEO45-uVEfitCu...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 09:45:36 GMT
pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3D88 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jle49fuic8ryzyvULCz5YakCODZsk9DPzzumOPfAXW7fwMnARNJLzSQ0JeIhZHQaf2jKEQeQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=90&adk=231159024&adf=1873733001&pi=t.aa~a.184012209~rp.4&w=980&fwrn=1&fwrnh=100&lmt=1705052733&rafmt=1&to=qs&pwprc=4005296234&format=980x90&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705052733256&bpp=1&bdt=2721&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dde35415a78495c2c%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg&gpic=UID%3D00000d3fc0f88a80%3AT%3D1705052732%3ART%3D1705052732%3AS%3DALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ&prev_fmts=0x0%2C1200x280%2C280x600%2C980x90%2C980x90%2C340x280%2C980x90&nras=7&correlator=7409356389534&frm=20&pv=1&ga_vid=2090693266.1705052732&ga_sid=1705052732&ga_hid=317581071&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079980%2C31080260%2C95321957&oid=2&psts=AOrYGsn_j3bGcQ3z_cyB2lakt8byGtreaeo0L5ZIDptq5oSS1HL-QAeik5GIPf-gkl3cre38FRsFWnLiP4LGjWqJ2Q6VIgia&pvsid=1765420472368472&tmod=830597779&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1CEA 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1CEA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
viewability
hal900022.redintelligence.net/ Frame 9D51 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=89152800055145804445006012567022&a=71709ca4&vb=m
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=89152800055145804445006012567022&a=2938e50d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 09:45:36 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9D51 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 09:13:27 GMT
x-content-type-options
nosniff
age
261129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 09:13:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9D51 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 08:49:59 GMT
x-content-type-options
nosniff
age
262537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 08:49:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E1E1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvwLPPgqhZcWBAYWF9u8Pkq6ayAgAAAAAOAHgBAI&bg=!l5SllNvNAAaumcC-jpk7ADQBe5WfOFe60UIRrC9Ra9u37aYpoZRkVQJsb2ilIHA5KLH1gHmKQNJ-XXiUKW3egDor9QStAgAABm5SAAAAA2gBB5kC5xGELs3pxXX1bdN0g1hzOB9RHdu61iCjs_kaW49l1k2VedqtUdCmeX6ApK-9z2v-zLLurt5V0XfdxbQK9e4qTF7kQAYJ2NT3zkavVri0cy4V864lNKRRkWwxdB50_ato8nvgKlb63HfPbFjLHZ5g37btWrOW3FZhkqa-tnjWUljSK0C1pYRE3mJZT8TWI4fRpow32N0SvpN0GH6dih2cb5_KQIzJF3ttdl2VRcDO0ddjo4s-Kmkd5gkwHyaAi0Uv0tWQ8fN5wohV9pkU40zdiHyI9s_39rKd7bea7KCTd0IsCvewaMnFMvbdZAs3lhiof_0umtXp-ihj__ES-jBlzQqugjklJ7G3DpPytKW0XQI9t4l0m2R8qZnF5Od3vVb3Z8zWHGb88def3bDX9utozxpo8cJ_B2TZs4N0QLoMT16eRyTwk9lhVb6gXYupCXQOE3uXF0Hy3z88gSVCSFS0VZINdVoAnk_o_q06FGEYfbSvcNs0Y2JxkzQ7Cea5ud6ZcllGy2uFvfRSZ6kD_IixnxpjWs9qsl0VKnD0G9n0Y4cXoFzz5R6CrukStn685_R_U-a6pN-VgpCpj3ZhSHrKCiry1TFT2mcTerphYxjBvsz_fPJFuZmKTtN8ApbEEU11stGyJ084OxuWWpcpwe8PRd57mSBtSHrSt9ZJa0Ef5FQCUUdN3m_ssSLGEcFLE31YAqJOvZiE2qjuG8vQ--prZ-x6DRCIU8VY5Sj9yjLQqJV04JLvhzylv0a3qgHQk3Ifu_arFct7OemyqXukt3IfO8cL5yIz4Im_FMqXf9CHFW-a5UgsX0cNgfIIovC589lPjFQUd1tzhAO4t6VTBDB44XTEEivQ20QK6zVxNu_UOfc2VeWLZqddzH1cpqxkdxEcF13u7Dc7ZRFfbc76dRvuShHr8dnKyrMG6fikAoXH1LNzrs7JBfP9QmUzO0vW8V-g62ESuAxlyxw8oJPOOqkSs5vfE-p6ljm9
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 936D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0Cu8PgqhZcuGCrHm1PIP7qCHsAoAAAAAOAHgBAI&bg=!EBOlE1zNAAZ1R9vHVUc7ADQBe5WfONKMY04SuThi80wXs-JOcCffetj1IixfKVEMgpUoqWTZxOcnEI3Mc1fL1NaTEeFyAgAABiBSAAAABWgBB5kC46_pYGFKPFVrSMhoVQDNLu0aCAa2ZBVl_IX9kzrr37mOtyhrAHEmdpG2609x0nwZRc9oV7Cd1uFhBTRFK2KJwTWipLquT9ENMOOgrmvfAtMH2Y2HiAAy6dNiz3huyXar0pwof7Eb0GeD7QnMKTyXdqQtimFdFUV08kbZwFfdqE6n0LNsKMN9mKIpZyEWI2gnkaj2cuqyC3iPA-v60Y4nqsE9sF1HZ07GU4LZyiTQYkcriVnLkZNP8GR_txgVeseQ6gdeD1FvDUpTgOW83dkp3Nblab9VaJSJnEDWExlUPsWPl9OjNhzf-MTzwSz9-qJYFvoK5mdOjGL0j5l1CdegNAYTv9JGXKB_oOByl4Y-FioznhEX_1ESXqyGVP_Riy1q_Pshwfj7UTkpk36QFpIzOrKh3Jg7lHKJiqfM52TW6dBob-G8nX7IgypJWAvQEMshBL2QZvaCxy-PEJuU4dlVOOdH4SzQrm0_fTNkguRZqqqbZiKgXzYdpbtAJXoqz-kw8kxCJatYAY3FKQH2dU0DWBMIxecLA2vveHxNZ2rdROWSwmgN28JyI4CrVK12lNzWDASab_SchffBTkzXJFpJO7WKiGdYJxpdElC0rToejHpaaYmOF15UBg1lS1PCas0SNl_7ahBmzkA3a8DcFnckqKoULDscRGbmPTQHMeM6LwP7Nlsb4CRkb3JgBWtTGDbjIxw24B9hRH-KfNCalPOGqNTzfhQz96r4wBZfb7R59YxognsRwqnvYoEgttHfUOhQJ3yhUgzP9dQ58XrfIaZpB8JDe08mW-I5W6WeaUSnfHhZpMNK0aD5uujGCRQjMWuNO2S7g88JWXjvOmYKIubDdycfVwjM1qhyXA32qwYNK5jxXNWTtopcmtpLgYrOPtZKECtnTghzndBgzyAg0AARTsAOaF9JvoaZZDhQpm8O6CdgVhzMTn4euM1ukA1o0dX9_ql5CHSWoOnYaPqpYjm8UpiSfFg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D56F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B0Zm-PgqhZf3BCorH1PIP46Or4AYAAAAAOAHgBAI&bg=!Li2lLWLNAAaumcC-jpk7ADQBe5WfOHzyoXar4rQU3SyuxxWf0rzOmZSLsBDLurlKTmWxLGG9nREJu0RJS1q5JEm_tZDzAgAABkFSAAAABGgBB5kC76WtnqAFucFBCR99d8ZkCJ8ELUnmVkAPTkWsYq2PugAiy9Zsr4XsU4Pa9HIbyYaF61b5VohCyHrXgUxRG1Gzksr-QDebzIcBPD6Acdi8MSpYG0v7chLvn1GtoLjsOrbjlJQU-sBWQPmd7TyqEOSdnNBDNY-fl5cH1n7sPaMMEperwnC7w5I44-qpIzwYrE2nNEA4WKlNgoe2yAjmnLMhFlIloWYO7txra2ybXRaWGY1K77KTanDxpUbbEwkL_EUTBp7gZn4G2-tfZXTKlSty_vuQUmqwuJrWZowlYiW20deWCCpjI4H2AoYR4qu5EcDZnzfqDHaAysyPkEz6WdGLkeMyhJl_J6XbBDwLwnXVRLrZgdmG-PEHd6CF8FFsqomY6e4y78Ene3DP1X7Uh-8z51-RFEHuXPKglmJHXtFZGtEK5pEZA5LIrqoJl6K2hYs9Xbfbdpqy8o2bc5s7X48YB12DGc4W7sgavvljLscauQtSojs5Rw50-rPZBycWTXomIYm6mTuptJ_MbjKrEw7Xo07RXitFnNAgUGVCiaaVp8Fp06GMln64nCWyo5ovp6JbaFJXtkLjYVkEOO6hMrdZr2zwx0Fyt7tlcw1x8_UFJZhUbE7_TOP-cl8zQ6FnKULPw-0uFEJo90jReiI9PM3GS5lhsCjmAmXR20k2BpIh_NftjWhFFtqqTZQO3xJSBhaX-DPIrBNMsaKVJgZLqK5UnrMRHiIHDGynpPVWWy0_cKBlYEpi3c-19prr4Id4FgIsInWwrFXYZfw6_tqCJ-KNCyh9YzloKtQ4OfhbOvBp-w2N2EtzX7TUHqOO8jig7sw3upzhCT1y6TYVOS_KG7l6v4euMDj7hwBOIOVgY_ihQ82E8vOmfefmh0fDXofsyYHpZf10OabQBMd035TtTmBWddEnvj2-O8GOZlTIHHrGG7EvG9CCNJz_xbEUbW24Doq-qcN79nmkjlNKbzZnhWg_-0pEoq0-r_nDiS8Zkn9dbMA
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3949 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnT36PgqhZaKtCfSvjuwPs-yUqAQAAAAAOAHgBAI&bg=!REelRwjNAAZ1R9vHVUc7ADQBe5WfOAdu341v1RCWe4C36-NJltk2pGXhtzk_LEtRIDx8gCco0TcYC7b_qnsi8IFcPYTlAgAABtZSAAAABWgBBwoAdEW0U-y3b9dNXV_vR-GGirZ0-yYLDOklh_Ir43a0pgDmWWckVptdNuaxbAshUQoI6140NhsBchtC3ieOISgNFr1PKprtpfJ44TbPIMm4HrrmofzEZdSGJKG21QuoBzdjnLWc4oFnQBJMJPkKeeTZLsOaB3J_mQLazWyjUymJzIJSPzop477232BcvKYaejnWvkh8vI3vpHqvRll9wyMZ-bKlxIYclZz_zQk7enVyaCfS1MTHPpuL7yxBW8n3fmAHyrFQv74pT74OywIWys4sv9RK6FMqiv1rR8DVqFroOl__hP0vDRa0wknnfn6AYnx1-l4laHJtr4T3u3zRAT_Hmlp-1KVjhQrEFX1DCr4d2B5JG2Yj6FoiitSnGw1jwcKqt-paizdTFhL0w323G9UpsmT1KxIKlYOcwsnG-jpnDG7PnloZCQo8phfvkWY9CSs9FaXH9zo8nI6QKB4VzswCqFKqkQ65tSi1uhCGYyoRWRQKGYje-67MCXlJ9GvuwDufBuJgEhnJp9xYomuYY9tbG75yZo2yV0TFKwmINY2stDfnXZ0ugCnBXJZic_zY1wbIhBoY7Um0jtLIw7v9gXUHuAZUBZa-tMI8DmcFJAwAP_0fWDD6pok6gWy6M0xal5nAqT7_SqHaWobzB68VA0_kB3qS9cKY3x73w_4SvrTDZbK1CgRK9XVHv5RvjMt4GnpHCTtZ6eatGkqLiwfBEFppZ0o1oRajfajzrztb_io7uaQi-f81rXuVKysGCEluA6hWduTA512XXL1LVESQWofBnmbRsjDkAMPUCg8itjWQaejDdVMzR_9CRG2Tt2edoqhX1m-zd1mgBGGRfUSEeVycZlTZKcM1IUmMGFqBS50aNLOqBjbC4jVJtLzT2R5YcZg2K6q2OBDXluRrz4S_vsUhYGKAm7W0V3ipORtG8F1QmFS0gPX2AOJeInIe3k7mAOfPEoa1PXzynjFZPYQS1wtVynfRv9gRersIAiVkiXugnzb9eEkvgtZ5FCXcyjQhZ8ZPNDNKB87WeR4jOKiW9A11znOhpTICPY2Ej-pFAEO7aKIXEC8hMy1LRNrnpusbDdTvxWPdGuoqJnor70Y__1R0Tzevd5C64gZ_zGpHaSNKmN80hw
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F27 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bn-35PgqhZdfHC7HH9u8PjM-BgAwAAAAAOAHgBAI&bg=!T0ylTAPNAAaumcC-jpk7ADQBe5WfOLnHUrzGhrPVR06mqbGIIGsdrZsc_hVcPhTHmfl_LvSoDT1pVZADyo44oXK_HqT6AgAABd1SAAAABGgBB5kDArRBLtHSZ8-YTfatV2vJqjDuiFjNBkUIqhv4_w6iSS9HTDSkTdFRZb2mHxMouGdgX21v1Gtns2Wcj6Ak5HwqyyVIVb10ueTN72stgryQAjNb0Z8jBcZmE3UlAS1nX-UzSp-Ej8IcOwIjKnHwLNwBVwf1RKmdZJo5qOCTH7ju3SC2IG3D7-JuOoFQrzoJucOY4WcETjJwroGDFiT-__XG8MZOTk66I30ZI2VqIyk7o4_FWYjGPeP3XruqZIQh6vIB49b2IMvvaZDaxrsdWhKDriBVGbB3_ZfhNi7Odqa7xui-kygkF-PceklbikWcRi31newM5hBfUfbXkxJsaEcC1xrVEDSf8GPCRNwfodvfURd9FkdyoaGfZUzPhK9HAbUVyff_4hmZN33x4z8E1vS7fYNUMfBNYrzPfPtnJHmq37VBaorbsUN7afj-fz1Ea54nMITKLcWHFUdhBhM5jR6fGHqogokIJI35FRPjHaYTECc8T3mUlRcTqvh1HSexK3rKl-A7kUTESsODTAAqTD_YKMF2TB0ZHgQBJGgzDfrrUQhcjuujCDI8u_j7TD5ITh6uw1AgijTFWULiaOOEPNQjlG043175-DtwQiCAfECmdHh4_tpGX8mgNNZiADl8JkML6fdW9u0w4UQvS6TYDfG5upp4__SyzJGThlHSHNMR_ArJRxBZBgkadfCcq7Hqw3-US5N5VeEJSxFgbZjWs7n0n_PA0jNRTDPizTCesJ3j0xWv0AIIO5_XlBlzwBWSql-Xqfxpt0TiOG0OJfBLzNEmccEKAXKQdj8IzGRwL-nbUka4vP_1SzIkO-qKkbvQ4JjVuL7OzTa3Htwyj74JgfLnYJ-ffBM7qIhTZWhhMDcEJ5SSr_BxxoRN4zCx4UqZTmyDKj5EoU4drNezkAow-NT1D_pe5D4fokFE8ZifS6K_PiVTpc4Xz17pGtK7kah6g6WYAF5NOy2_2EVVpvtdWaERjuoVPcK0TsfWnumk3WJH0zjwECn-SIjsTY76O2TGYnLieLIC
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame E28E 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame E28E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3533907465660&version=m202309260101&ct=77&x=1&cor=14469729380696943000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame FAD6 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAD6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2681434786798&version=m202309260101&ct=77&x=1&cor=164181914731393660
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 98AB 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:37 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:37 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:37 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5667311343560&version=m202309260101&ct=77&x=1&cor=1565099126655631000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame C2F6 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:37 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2F6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2135420728574&version=m202309260101&ct=77&x=1&cor=6023565654924365000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0070 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=900136931182&version=m202309260101&ct=77&x=1&cor=13049535889327150000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 0070 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:38 GMT
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1eb193044b2704295c69a7c272d696b93c7483882b8f2dd4a60e926d4b9380e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
tracking-event
api.webgains.io/ Frame C9B4 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 09:45:38 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 12 Jan 2024 09:45:38 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 09:45:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8905 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZuw_PgqhZc3dDPCvjuwPhISQSAAAAAA4AeAEAg&bg=!jI-lj8DNAAZ1R9vHVUc7ADQBe5WfOP6h7Ohppsw0pJtcDmCit8QJos3oXzQ_trQk8y2tHn7zq0CMhoVzKp7XPl2MJx47AgAACzdSAAAABmgBB5kC4YgVeiTuiZq9b5qfCuucprDmCHJJ0_6b94YKShtb3dKALnUuTCGVP9-hk1yPh7vXvfSTEUbP5kTOu_ClxS88CnHAnNjizx9PIoCLg5BTNQ1xr2EWlhd4Ro4YgVwD-SjqWuBT8IngMxaHCA_FkhIk87s0LW_qfmem76mZ3Oh5WH1HPELB68oxcFDE0VtC7coPh6ULchIj6ZbrmesPpXpbcX7kcB-fhGue_wEoShPj9NT9atv3u2uZ0uPbz9XvTulbwCjlOqSSnIp_v3RlkhrLgRZrzDi_YNY5uZ3whsfe6E9vt1Fwy2Ux7x3k1OMqRsrWJGJmzdevm9vv70hCewcYmeRvE6xV3WL5KICYtIIA5Y-9pRHl_9qJwhQ_lJs1xihoc5GY72NTAQE-0LR4mUJ0hzTW4wGypVmMj8R-LX3vit6XrqSYMSyVOnATktCwoxcVhiB2gbUr1lUqjAHBvrCT1Rsafik8vf0nCcHXQ1iH2ya1L2N4KUY-7y_YFiIjWBxK-f0dZhDVmYbm2ZJmlrLWvwiYynUolSiNP2tvuPFqpAXTgRT_gkjSaOL8SNe1m8URDPPCZpTH1Fyr1mzng18g3s-xxaAleLRhGtBpa0vlRd1QGwbPSvEqMspPOezta8T_GiUOqRWliqM4AaKhBmwn8c_Rsae8vixuR221dzr8a4koaC2O-kFBTap0k9vkj3T3dlp9RHli4ICy0LZNowQDuwxnDazRWMDJlVU5imgUUdTDdzdJfwSITJKXFjMOCeqnLmKwWIreIKUBTPqxJEEyFarSm832qv1IteglaMcd5B7SAqJ5OvsWXeRrgVQCtyolNCZ9I90FrWDksJEkZNQYzlUGeNNziRnC8vcAg5FwKqMFlsMeTpuQz_p-mjp8xvqolTM8lQEewzcAARlRlelzVk78E2gX5TEykBMCcUUEI3EpPCAbAeSo4qzZJBsBLSLWpfeKD7efYBMtEyL5VKJf6lbI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9CE9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 01:39:47 GMT
expires
Sat, 11 Jan 2025 01:39:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5D9D 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e575a522e02db1dfcc1943d3bd080f767513ac0d10a4355299bd1cf4dbc6ae82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X9ZwVusRNm71StW4mFPd2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-X9ZwVusRNm71StW4mFPd2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:45:38 GMT
expires
Fri, 12 Jan 2024 09:45:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1765420472368472&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 9CE9 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 01:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
29149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 01:39:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 9CE9 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?rCSHjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 09:45:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C9B4 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8343267435364&version=m202309260101&ct=77&x=1&cor=4376031596484057000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 09:45:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1765420472368472&bg=!AAOlA0zNAAaumcC-jpk7ADQBe5WfOKB5dW8LExYJufvgnffknj3qFSGTdxNOCEdQF4E-1k_QrR3DzRg_Y9ua61DWXSliAgAAALBSAAAABGgBBwoASCyYl77tm0wW3041mGdlydYWIkyHo5imFpliEdjYcQipX6QePzdKUWnH_MEt3omDSrWRy3qac2CxhXgfHswWCXxpW23qQV35MJkCsYOv9w1ysLVwzmTDbNGDMJuN-OqIFicHbdC7YSF8g5OlQw_hrmY70jKN8e_e-BUBPHHk1ziBn15VkEmZSJyDqyaZ8ww6W4CDPm7NHRWubxGzOC1IBRlqYHiXrTUI8oKa_AUdyPA-HBBPnxn1WGxme4VDHL0YLD_xjMBO17w3OMh3nng5j1vC7HewafeDoMlwK4uJczJkCG8-Eps6dKUR-yBcPaqYACdT9P-6BcCiJRGxncz5wQhVY7ig58YRxJsWh44QZtfJMMyLA7yeGzCI434j3tTxjjp-OUEBZCqWQKM-K_BtBgqLenTs7APCHEWb_fJBhyIV9Hrn3_HykZiyIBCla5_t5sBWA0EZFxB0KEFGyE1Z5LqE-RSMWeMFJwkxaH_xktuLIp42urnm6AJGRVeQVIuxg0sBwBOUxrUy9TE8PbrPYwhopB8_FOX5CFT71dWI_SA2orP4BLa4T93czwwyC0fDJzqyikQM5msM4uYOGpBrS36nUzUiPcqsvRDsdjSPlksYXiy6CYUj3Q1oyG7tp_Dxo2W2K9pbbWAEqeFFBSwcfEI6SNn-fDVaE8DL9a84Wum80SX2XDDrVCmhW0U41GexuWgzyZA57HFHAu0HXWgTVvAhWAqmi9KhPGdtC9PUASyhrvLeNxVx0Wr2Hh5MCL4G33EO9rTQB47nW5FFP-pCrmUptpz84OWD15dtwg4dnP0Y56Pj3_dGvBjuNtDPi8QNJXIuhIcGgxa3_pp2uwXfve-LqNoS_L5qiTdIvm4egm1Aj9IwL8RiMojsoaj607Duuk3kYU6G3bsHIcK-s0Zv2VPvtGEawvyK-GXP_sW9RNc04KMkqFYWzJeq-gGs_mzv_wa41WQw9VvHl5fsb6OFxh-zwCzYYmyGmc8Agen1v5chVhfbUgHG0zclsRnC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture undefined| $ function| jQuery object| dw_reaction object| to_top_options object| adsbygoogle function| _ object| HUParams function| _load object| xh_social_view function| wsocial_dialog_login_show function| __modal_wsocial_login_resize object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| MobileDetect function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| tcOutline object| czrapp function| Waypoint object| _params object| $_to_center_with_delay function| _trigger object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

44 Cookies

Domain/Path Name / Value
www.xyg688.com/ Name: wp_xh_session_050f920e85de064de828e63d202b6615
Value: 56d0c0f68a61ff39f2a7324e3b2beb1f%7C%7C1705225529%7C%7C1705221929%7C%7C2f24d19aa86396be8efaa14171336024
.xyg688.com/ Name: cf_clearance
Value: 56gVY2FsgV0tsZUUusjfDfSVJvrpyqtqruGeR.Y1HBk-1705052732-0-2-fa833ffd.d8f8c295.86c2b8a-0.2.1705052732
.xyg688.com/ Name: __gads
Value: ID=de35415a78495c2c:T=1705052732:RT=1705052732:S=ALNI_MYrXnz6R51ZcnCqDOVoCeFGmG6ILg
.xyg688.com/ Name: __gpi
Value: UID=00000d3fc0f88a80:T=1705052732:RT=1705052732:S=ALNI_MajuYsp_0W3X2wk9tRqVoiiCiGSEQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnRzzIVpTnoOTj1rkJlkT5Yjacva-x-6cZITYOZi8RKyCGbjva6LAecSHxJiws
.googleadservices.com/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMID
Value: ZaEKPQ7OtRYd66fP7toyGgAA
.casalemedia.com/ Name: CMPS
Value: 2157
.casalemedia.com/ Name: CMPRO
Value: 2157
.adnxs.com/ Name: uuid2
Value: 8977279059288810773
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilh:I9z%!@wnfH8K6pQK`!5=E<*L5?%L`3MA[jk1#E7/1XTJ2F0/g4f7YwAccbdUJ4RE%nugO%v4VB%no5_*7hKh
.adnxs.com/ Name: XANDR_PANID
Value: -NdxIHV27IwVjj65jnLO6wW1hie9b7Ld6-9HkvQT18u-D4ZhrWgTQ_tTIyz0euVUBc6TnFk9t79U_HOmxccy46z8-zLnkeq5NDENFUvdyGQ.
.doubleclick.net/ Name: APC
Value: AfxxVi6m0chcqxrWzaNeewveaovnNo9cQkcNzhUXin61xsLWmefmXw
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 4a14287304cd5e5d
.awin1.com/ Name: AWSESS
Value: 408799:2874697
.awin1.com/ Name: awpv22610
Value: 296283|1705052734|556cd880-b12f-11ee-8694-226555b1c0ac
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%224DCFC4E8-0126-42DC-081A-2FD08B2F06B7%22%7D
.quantserve.com/ Name: d
Value: EEMBCQHxKoEA
.quantserve.com/ Name: mc
Value: 65a10a3f-7c256-86fbb-edf47
.agkn.com/ Name: ab
Value: 0001%3Aj7MYmzdYPf4RXz6Td%2F%2Fo%2FYrewLZLDcjz
.agkn.com/ Name: u
Value: C|0CEAtM8a_LTPGvwAAAAAAAQ13AQCAAQpAAAAAAA
.simpli.fi/ Name: suid
Value: 5673C5F485DB479B80F364536B67FBB7
.turn.com/ Name: uid
Value: 8948854970943456515
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBD8KoWUCEBRxUtSGRrrbjczJVE9mg3kFEgEBAQFbomWqZQAAAAAA_eMAAA&S=AQAAAjzWG-eJrB51_gV1PDBO_zs
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%224DCFC4E8-0126-42DC-081A-2FD08B2F06B7%22%7D
.adform.net/ Name: uid
Value: 8134557256196396598
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.w55c.net/ Name: matchgoogle
Value: 5
.w55c.net/ Name: wfivefivec
Value: ke44kXpf1Roe6z5
.ctnsnet.com/ Name: cid_b894da03b50a454c839be77564a4f03b
Value: 1
.ctnsnet.com/ Name: gid_CAESEG973aGDucAw8BcBa-PWWsg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaEKPwAN7hJ8RABH
.addthis.com/ Name: na_id
Value: 2024011209453500012223805753
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 65a10a3f0dfcbf45
.addthis.com/ Name: ouid
Value: 65a10a3f00013f501507ce5614ffa3cf9d812f8404260c703b84
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20240112
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1705052736088,"clickCookie":false}}
.tribalfusion.com/ Name: ANON_ID
Value: ajnt6ZaOleq9PZabpryvqnx0a6Lkl2JKp1x33FiZdU33irsvNJPZdxQ9JD0LAmYiCgkgb6e5FZa8ArfnaFYXUV4Mbo9L27Qls

8 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHResoyKVwpi5YdrKA7UgRc&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ads.travelaudience.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
cravatar.cn
d.agkn.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcore.jsdelivr.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900020.redintelligence.net
hal900022.redintelligence.net
hal90006.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
images.weserv.nl
ius.ctnsnet.com
match.adsrvr.org
medialead.de
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
rtb-csync.smartadserver.com
s.tribalfusion.com
s0.2mdn.net
s2.loli.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.xyg688.com
x.bidswitch.net
sync.search.spotxchange.com
116.202.48.214
13.42.80.79
138.201.63.149
138.201.63.164
142.250.184.230
142.250.186.34
142.250.74.194
144.76.104.53
151.101.194.49
172.217.23.102
172.64.151.101
178.250.1.9
178.63.52.121
18.132.155.94
18.184.81.93
18.197.162.124
18.66.147.52
185.89.210.180
2.16.97.41
2001:678:cb4:bbbb::11
23.56.205.163
2606:4700:20::ac43:4528
2606:4700:3035::6815:1c42
2606:4700:3038::6815:eabb
2606:4700::6810:5814
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
2a02:fa8:8806:21::1690
2a05:d018:d29:3602:567b:9400:1b2a:e999
2a0b:4d07:101::1
3.123.94.79
3.33.220.150
3.71.149.231
34.91.62.186
35.186.193.173
35.190.0.66
35.244.159.8
37.157.4.28
51.89.9.252
54.36.211.7
89.149.192.201
91.121.248.44
92.123.17.8
94.130.102.164
94.23.99.218
99.86.4.52
01571fcee7e64e9debddb21e0b34666e2b98816c2040c169a9ba81af140249f3
01afc38e153ce6b681fe866f60b7af037d4df296174ee6f5ff41fe9e7ef43e7d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02da239007363b3e1e1b52390522edc388860cbaf261cff952a0962f5488807e
04bf4059679a52fb1301f58a974dedac47594cbfb4fe74fd8a9f7576ed7ae216
0681713c57c066eecc6cfb720699ed819f6c1d79ed9a383e5f93b710dfa74572
07f654fbd31c3879b10ec468a9122ff11bbe3f57bf1671807091fa8cec911d56
081398905f178ee82a3859eef9d44a9dbed50de7133b9b3f119f9655d1f9c9db
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6f18995ff83f0c775af298638790fe4aec4b2f7159b691c88fe8a6628b46e9
0d6d464f1ce6634e6eafb24ebf2986dea7b13bc14837d69f46d7eba4a5505bf4
0fbcccf5086f6d15d13815f183101d6243cf022f0e57ba85777e433109f9c2fb
107acf0dfba5097ef5b8837ababe22be81088ce5efc0d218f7f9f29ecaa0ea2e
1394881b000e5c2bca37e77a30fe205f14f7566cb43df1f4e98a28a90a115f33
1578772580f34c6954640989579975abd2aa8d1e510266ec1118c923d551722a
15e78f7990a6799a7e0a145ff4fef77e8a3433c8282988f9452591561c087700
186df18d9f9de53fb564ef33c3d5e6c1eed1c9242726f42c452ce9f29e34e938
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00
18a884b21bb19d3941bf7b5c75e3bb10e145e807463d8e1735e6151adda7933c
1b3612d9b30c52e4422c5e2e3de1a71cd7981472a564e5cbe666299d5b47da03
1b60710c5a90be975f7746ee1699a04025853aa9e692b03832198d64ecbca683
1bb93faa1c58d38d934d8e342b9c363dbfe08c99ee77b0e3368579d24d69874a
1c5b0a3fd4f32edc2f4674a8c7ae9a3c12f31c60ec3460727a3beb8361799b18
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba
1eb193044b2704295c69a7c272d696b93c7483882b8f2dd4a60e926d4b9380e4
1f6d697bbbb757645bb9c172ec2915925061a4cc057ac27e84f3eb6a9762545a
223a08c52b5f7266e2712c4c8636c5d607788790581f42eee2c952bc5d89bec6
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23d5215c8f06529f705fa76d830e22ff2034d03f3f2767a8508290aa6de46cce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
276668044316a75758e0307144568a3d1b1c91f189bc60da64891f5700d532b4
27fa5b8980dbe579b415fa8ad6709de23394121baed3f9e8fff08926b4fceb3a
2aa97ee9dfd5727f8e9727e4c154b4a4f36cbc489c10a998bd9903136c709096
2c653ffc32c579c45394aea0c33910b7bb790f5ea8b53a58729a7aeffccb7eeb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2daa7b961c4e71d5ce79e26ae95172e34bd751e2f227cf691dc69ba2067db864
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3049d5f5c7f10e6bde2123111600ff34d997c3419230fc1e5d74407d8f89ba81
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33129c578fc7c0fbb8d4da97105ef2ff3ae3d77e75296748f30bd08ebf08ce6c
3490e51d7d3e5bb13d5f73df0cfb3aefac5ba7eacfda6c9319555d0b52ba8d6c
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37420177516ec4575ddc7abef31c7e45a405816cb927c64fc15efdd1c4357326
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38a8556484f3648842738a8e86d05029a6c214a3c9f47d1b84e8a0a9c312ec98
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
406b9858d2843a22980d743fe4089396abc8dcff199a9b2265c98966b647a373
40efd6364ec7789d7fee95b555233f26822a9f0813fb4e22f738979834736bcf
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
430a4ae88e92ac8a9085fc0a389c82bc0920a090d8bd1a97a12a30400f2453ae
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46c8637bc23996db5a18c8e2c9a8540d7343b4d57cf568ae74731baf904df88a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a55daa3a7ebab21f0221b18c725235976878104c37faf9f0b93333cf23020e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1269148eba5c47ce07d332a181a33bf6c78f7e09ec1bb598c6e0c648070f18
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501f611306d68d8af2978e88b9dbb98afc052add852592930f3a7755e66ae22e
5273d70a5653a3856c322e39af5541da7271ae5747399bcde0ecb82e731a6adf
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
542b8ff0e463bf2d503a7d89ad622203c183e283f65c7bdba6852ac162dde20d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572c723ec3ee5e588426e8131a0059d288d56316f307ac9902366a3dcf9ec8ee
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
60d0c81dd8166c8403d2be8c4d05e4d7ec8096b09a31158c190ff87ce2f79a44
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69209ab781f7a254eabb52dd600372fff97110a55db5228c89362ad1556e6b67
69d9d426f71a1afc758e7b05866cc90c604800b724bf8207be86bde8f3282582
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
6c884bcdbbc14d88a1912b6b7bf7373dc3b24349a9a70a284616591182359ae4
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869
7254383b0cd09cf6c2c20161853d808329e0e70a54c74e84db51ef06439edbb8
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
750a5e78c86dc742dfd94f3d6f19c16e8c593ed312eaf9de19f2cd2fb66cb49b
7650045c0c9f52acb0ec523b5579f8bf1d054b61e91bc30583ac28cb1ee788c9
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a655c44f94deb4cae8b6d52c54a58a15d7b5767fbb5e203a6948017b8610c44
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c52c6dba416fc5f4c850bfa1a6896e5715544aae50ee30a213a16d9873e2310
7fd8f7ecc22735bde8e48719bc8d46057c2ba7d66accf2457be2b3c62bbd5d28
84073b5372c7a069e61cbf9deb72a65977e33976fc6a4e7856680585516f98cb
87a5ced2a3f05591404b0fd2b735e8fe56edf86a437f27b49d3d6ebc0a181c8a
88dbb34ef629a93aeaf33a3771257f7d9e5f9eac9befa78621cef0d452cbf552
89d04fcd2cbca4160ae55ef301374c6a116de2187695161dcc2243b02dcfda65
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7936b36c55da9737fa5e1554e354de1287d658f282c86681a603987208d120
905af8976eb4169ae69ec5374f055f9ceb3163b725d78f338672685032d1399c
94ee8f662e4f0982334ba0b149480d4e43543996807f1f8138907c24e95079c9
95e4e7e4a9323ad15b663323ab9347b3efd037be4e5da4385bc440f63daa9dd5
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
993507fc375b25f3a2b649e6c44ad7d4ec2f6fe1e3114bb1c4469a0c6514e037
9a17d91c798b3201676f4ddcd77c19f19d24da108f7008e000f412ad09defc13
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d9d20f3d64796f5cdd848ad1504f07f5b8edc1cbd345a978182b71b8d8156ce
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5dc2fa65d7f32ff8d59fa8520cc19506911ac4d6e44620d492170efefc3df
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26d3f0dbe2fd85b28fce405ddf284eb4b12f3ee5f5f611ec764b895fb5fca96
a2a570abf89ea7889beac4f6a05238423ce8ebc584502a519b9a342c7b8a5dbf
a40028641fb7ec11c9b8247ef5a7d17e0e22a4ea277e049ecb6f47e371baa81e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab6954170aea7f7e9fb3eedae3a8e801f4f8dd842e1adc9d70fbd861a6777f3e
ade5c6026102f130cf2e6c67ed35f73764393a95498f87bc4e960be3b37a7388
aee9d49ed0abf818fc5c72c0645a379017397c8d07ba84d4ff549373d0c0bdfa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b51a84d7fd18215fbb8dfca24a1d9c4ad58006f3b06d96a505e59ab9ebb35f3a
bc4d9ef58505219d33c80ae4c235475b98eb3bf3b685734f2c3501397b7183da
bccf3a8904aeb51c405bb33d37badb43afc3758a85d565ffa5f32e5b98456cdc
bdbe0b9546bfa4ab207f377799d86e1d3b254c2beeb4d7904de746f8f1a754f0
be7082836315cefa3c1471f6da30e0bf5ed88dc93a3672fb5b42dc77f762d0d1
bf8b2bc413082260c40f04fe30ee6c3e7213815e59321457843fc7e245e8b37b
c16a00c35650ee5b15c15837700aaf8a1455bf18b2f579770174dd8d7531a21e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c42e09e3bac5eee18b9c64783dddd820c32949a922594e9d6d162354337b2ca4
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c60964ee353be12e47c742b5d244e3b3527ea1e6427c33715a63886244eda5fc
c74fd14eda2971bb6aa3e42ddb3a52ccbf08d4e29abd0b46605e39fe47484855
c9434853ff422675b8a69bedc7ccdb98846905e2c55dc6fbf7e6ff789de9bf19
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cce3320e655c6a7aa54ed20fd84227741eb4e17a426d4b5169224db2038f8e1b
cd0fad06f612106228cf29d86b539e603388fb5805d83209a4566f515fbf58d4
ce0854dae8647fd9b05a9b55cd464b24ed4c540c64c75b48f148af322210a444
cf0d49a0c8020243b950a7a2b3dda93bda5a8face785594b9851596de30906a9
cfc5aaf78147fbaae5ab35215b34e8285ebd37048df88d7d7597ce298b63f44e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d105aa92d94614c082f2a8b2b64b088d7be881e29c830c2fc294f926c4884da9
d1964642d3f3e61948a3e10351d3c73caa966cea7df8629d92b777408d8ab60e
d200d18205449116dd91e5907011d3faa442a439b58227a5ec453d5c98c1de9e
d3319842fe41eb1fa07d77a271161895c5f2c8b47536973a8d0f01c9f2164d59
d4b3a64e4faef066b02fff5b1f78e3a102b5cef317b4e9f8b1dd87365ba461ed
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5c5174cc7381bea3d6db3e52da91b442f2f876fd9a949766b7c4e067577609f
d6ed2ea4fd92450af0c440b87d820ec57621756a96221ab3e0342172a59d4a5d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d78efc63f5080b21ed89c35bfbcf97382a59149aae1fadaf5e349312de5e93db
d88868e4ce402e20c0571112a33163d24493367809d35e1232a82ff6fe1eeb1b
d8a19408285344b71bb5e5809c183376bd23771dec91a091d420a09134e2d858
da7749537e21a5e2f61346a8fac6365d39f697499c20f0b10e23aee8e4577d90
dae317bba34cabfa91126f3bf74b060d30fde82cd67077abe3778a2904e31792
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dc772683f8b868ea4a23a7e70e31179d35bf4c8dd362780c5926d878247b3b06
dcc75d60bdc48129ec2e7cdbf2d0feb6fbb4b2b018bb26ea3b44f7ba51c45cab
deeb6f32005ba298001b70940206a84fff4455f68f54acdbc5d2d7a4a5dcc070
e121398ef2498ffcf90ccef10bbf2da1f549cf55e0abfcf839fb19b13d42b904
e239e5067665d36496de3e15f0b4c23f815cc182ec5f31672e32fbcf5d6a9649
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e575a522e02db1dfcc1943d3bd080f767513ac0d10a4355299bd1cf4dbc6ae82
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e86b9c79c9f4e505df7d280321deff6c603f857a60d4629993affa654831c8bc
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb032f61f3bdde14c4f598b843abaa1160540f4ed00075a432e293564f5a94c9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed358459f9e9bf38ffbb3403fadcadb27d9bd8e7284d1856b425b407d61df49d
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee66a13f15a3108ed22c13802bdb37e7999861fed46c1f74760193cbeeb5ed2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b875fe8868c894f20a8c48777195b88c764af61be864a9ea7709f2bfd24192
f6dcbc985c03afa96ee7bd1821d16bf443ffdb015dbad74065fcfa6066107a7d
f808ced0e91e99874d55304cec42cbac0ffd8b08cd64efa3beba73fb435daa47
ff12545d0e037eb3dcafb8fa5a02ec6db42574b947f024521465823276c6f1de