urlscan.io logo urlscan.io
SecurityTrails logo

www.xyg688.com Open in urlscan Pro
2606:4700:3035::6815:1c42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xyg688.com/
Effective URL: https://www.xyg688.com/
Submission: On May 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 9 countries across 32 domains to perform 164 HTTP transactions. The main IP is 2606:4700:3035::6815:1c42, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xyg688.com.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.
This is the only time www.xyg688.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43 2606:4700:303... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a03:90c0:41:... 199524 (GCORE)
16 2a00:1450:400... 15169 (GOOGLE)
5 172.83.153.70 201106 (SPARTANHOST)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 46.228.164.11 56396 (AMOBEE)
1 18 142.250.186.162 15169 (GOOGLE)
1 89.207.16.204 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
3 3 52.57.183.137 16509 (AMAZON-02)
1 1 193.0.160.130 54312 (ROCKETFUEL)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 151.101.66.49 54113 (FASTLY)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 213.155.156.184 1299 (TWELVE99 ...)
2 35.186.253.211 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 51.38.120.206 16276 (OVH)
1 35.71.131.137 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 37.157.3.30 198622 (ADFORM)
1 178.250.7.11 44788 (ASN-CRITE...)
164 22
43    2606:4700:3035::6815:1c42 (United States)

ASN13335 (CLOUDFLARENET, US)
xyg688.com
www.xyg688.com
18    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
partner.googleadservices.com
2    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
gcore.jsdelivr.net
16    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    172.83.153.70 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)
cravatar.cn
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
28    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2606:4700:3038::6815:e98e (United States)

ASN13335 (CLOUDFLARENET, US)
images.weserv.nl
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
18    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    89.207.16.204 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float2.dotomi.com
dclk-match.dotomi.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    52.57.183.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-183-137.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
Apex Domain
Subdomains		 Transfer
45 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
666 KB
43 xyg688.com
xyg688.com
www.xyg688.com
601 KB
33 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
224 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
6 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
62 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
262 KB
5 cravatar.cn
cravatar.cn — Cisco Umbrella Rank: 521505
55 KB
4 weserv.nl
images.weserv.nl — Cisco Umbrella Rank: 84993
118 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 299
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9108
820 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 573
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1258
487 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4891
651 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444
2 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 428
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 773
s.tribalfusion.com — Cisco Umbrella Rank: 1977
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 835
r.turn.com — Cisco Umbrella Rank: 3382
869 B
2 jsdelivr.net
gcore.jsdelivr.net — Cisco Umbrella Rank: 773880
24 KB
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 707
363 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5918
555 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 51613
611 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
265 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 753
339 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 318
464 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1482
587 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 619
546 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 479
876 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
761 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 740
717 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2707
104 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 945
328 B
164 32
Domain Requested by
41 www.xyg688.com www.xyg688.com
28 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
18 cm.g.doubleclick.net 1 redirects www.xyg688.com
googleads.g.doubleclick.net
17 pagead2.googlesyndication.com www.xyg688.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 fonts.googleapis.com googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
5 cravatar.cn www.xyg688.com
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 images.weserv.nl www.xyg688.com
3 x.bidswitch.net 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 c1.adform.net 2 redirects
2 rtb.openx.net googleads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 gcore.jsdelivr.net www.xyg688.com
2 xyg688.com 2 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 match.adsrvr.org googleads.g.doubleclick.net
1 onetag-sys.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 sync.mathtag.com 1 redirects
1 p.rfihub.com 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 r.turn.com
1 ad.turn.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
164 39

This site contains links to these domains. Also see Links.

Domain
www.zzzz688.com
www.mw13.net
Subject Issuer Validity Valid
*.xyg688.com
GTS CA 1P5		 2023-04-03 -
2023-07-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
cdn.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2022-10-01 -
2023-10-20		 a year crt.sh
cravatar.cn
ZeroSSL RSA Domain Secure Site CA		 2023-04-27 -
2023-07-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
weserv.nl
GTS CA 1P5		 2023-04-21 -
2023-07-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.xyg688.com/
Frame ID: 0BAAD9F875E1D685B34252D4D3C7405B
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Frame ID: A22564BBA1C82B7B0AA059B1ECEA4E53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&adk=1812271804&adf=3025194257&lmt=1683498818&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498817630&bpp=452&bdt=84&idt=690&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5187996764705&frm=20&pv=2&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=715
Frame ID: BB3B171DF5F47FA9C5A20058290990C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Frame ID: 629473E7CFF1D4FA722D36649C2E7B19
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 579A9CE8157B5BDDF6D5E7952B5CCBDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: 15F8CC9BB2D94E70D0315804980E6B96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Frame ID: 51FCE9ED762341FBBE4B9E444BF71A1C
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Frame ID: 0078B489985D86215CDF514C021373B6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Frame ID: 7AE05FD78233B544B78AEA9657ED7E86
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Frame ID: E7AE4182BFFAB4ED91DA85BB98584378
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 825C89E5B183B1A7A339D51920C88C92
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 56528AEF324CC3F6EC7A61600E9E765A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 56218133ECB7A226F399E79ED6F3BF77
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7837FB5CE3F9764C08EB3FAA3B826F68
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1768342FC1A1EA0DACF542F04F581845
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: BE716C6F095510CFD518533085966667
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: FADABB228F41EA75690598197FB7517C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Frame ID: 0787603DEAE96A64B78AAABF62B55EEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4FFA54EB2E02FBF0B038AB79164756CB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E862840A6B5E08AD832571B57A2DCD5F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

小妖怪分享|兴趣使然的资源搬运Blog

Page URL History Show full URLs

  1. http://xyg688.com/ HTTP 301
    https://xyg688.com/ HTTP 301
    https://www.xyg688.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

164
Requests

90 %
HTTPS

43 %
IPv6

32
Domains

39
Subdomains

22
IPs

9
Countries

2021 kB
Transfer

4697 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xyg688.com/ HTTP 301
    https://xyg688.com/ HTTP 301
    https://www.xyg688.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 94
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 131
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1&google_push=ATf1kGP011hklbNNtZj8HzO7vQe5M6HoSVlWGuMHFSJ0JHtm4KUVQUhets2NRj2gPkVf17c9sChM2t09PpZyPIShAowCK0UAeK5Bj70 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDEyNDYxMjMxMDM0MTg0Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1
Request Chain 133
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 134
  • https://um.simpli.fi/gp_match?google_gid=CAESELfmeFK7UWx-BV2Pv2vRgjg&google_cver=1&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0wGdnT88imfIaBaxU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84FC1CE882C94C7491473D6F8FD2D789&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0wGdnT88imfIaBaxU
Request Chain 135
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOi-y4BmTRRUD6f95I0p8LM&google_cver=1&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOi-y4BmTRRUD6f95I0p8LM&google_cver=1&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827760429286&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM&google_hm=UeACPbdRTQqUKR_Y818ZWg==
Request Chain 136
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFtSYO_EjUSkrnmZylN4alg&google_cver=1&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-BD9KQHh7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-BD9KQHh7Q&google_hm=eS0yZnNkVGh0RTJwRjhTcDZBSjNqN1Y5d1pCOW1xUl9HTH5B
Request Chain 137
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_cver=1&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7vq1G6yiDtd--KqYL6CqAlrARII4pxQFdQoM9DvjmfUd9hByvR1umlUbGJxo0DIlzAHI HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7vq1G6yiDtd--KqYL6CqAlrARII4pxQFdQoM9DvjmfUd9hByvR1umlUbGJxo0DIlzAHI&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_hm=ZFgnRLRvWhemB6wL9-01wwAADSAAAAAB&google_nid=index&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7vq1G6yiDtd--KqYL6CqAlrARII4pxQFdQoM9DvjmfUd9hByvR1umlUbGJxo0DIlzAHI
Request Chain 140
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECxqDUu9_S0vrDmo-5YkhS8&google_cver=1&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pzH21AJ1lL0Do9Svs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pzH21AJ1lL0Do9Svs
Request Chain 141
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJtPwaa_-ryyJK9l9J4WnpY&google_cver=1&google_push=ATf1kGM458q95cG24w5ydIDM8ieJxyyD66QtFLmyXxGjKdSQYjMXd6ldsU9Uyk78Pzjr16fTGUDh0Mu6G6IIgVfE7YZngSmNdgAC9-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJtPwaa_-ryyJK9l9J4WnpY&google_push=ATf1kGM458q95cG24w5ydIDM8ieJxyyD66QtFLmyXxGjKdSQYjMXd6ldsU9Uyk78Pzjr16fTGUDh0Mu6G6IIgVfE7YZngSmNdgAC9-Q
Request Chain 142
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELPWers2c7VW7oCDloOcqjU&google_cver=1&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNuw8wORRAZ6WgPkL-tY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDU3MjM3MDQ3OTgwNjYwNg%3D%3D&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNuw8wORRAZ6WgPkL-tY
Request Chain 143
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBE6zM3q8n6Sq0mra_M10UQ&google_cver=1&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBE6zM3q8n6Sq0mra_M10UQ&google_cver=1&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw
Request Chain 145
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGLIlhkrjMUoTIcpy2PPuiA&google_cver=1&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKkZy3gxA8t2AZ6BOEu-Ke1eWQdlkbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhEWlFCMlktMVItRlJPUA==&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKkZy3gxA8t2AZ6BOEu-Ke1eWQdlkbI
Request Chain 146
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEInFnCoX4N0O07-GQED12ks&google_cver=1&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpEm9ApaFOdc6ZqVgd8q5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpEm9ApaFOdc6ZqVgd8q5w
Request Chain 150
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFeQ8p8ffc2n4VqqWQN_tTU&google_cver=1&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF4wHCL7U-_e03rRmahy1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF4wHCL7U-_e03rRmahy1w&google_hm=39CohBj1Qcybdvx4vYDMR0Y
Request Chain 151
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBHPdAiSSleI-Sx2FfGjb_o&google_cver=1&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO54S7chOBnmPodzSQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OclXbrc-TfSFKzjwCisJSA2&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO54S7chOBnmPodzSQ
Request Chain 152
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFtSYO_EjUSkrnmZylN4alg&google_cver=1&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_1ke86eLE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_1ke86eLE&google_hm=eS1QYnNreGpaRTJwRWk1WGZGcGI5OUxFU3ZFdHE1VWM3cX5B
Request Chain 153
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFX68iHJ9fUwN0ZQLwQck90&google_cver=1&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOHS68Lp7qqV1ag30MBS8g2klo HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFX68iHJ9fUwN0ZQLwQck90&google_cver=1&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOHS68Lp7qqV1ag30MBS8g2klo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg2NjIzNTM0MTExNDA1Mzc2Mg&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOHS68Lp7qqV1ag30MBS8g2klo

164 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.xyg688.com/
Redirect Chain
  • http://xyg688.com/
  • https://xyg688.com/
  • https://www.xyg688.com/
200 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1e60ce2facc4b28ff2513394e4dee5f00cf194733cd42de119fdd2fb2010c90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c3cecf27b2b922b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 07 May 2023 22:33:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pX90F2tYZ86p%2Fxlt6VimSejQKryPtuaTjmJB7%2BCnYZF8caAD%2FukrM%2F3S6iufvxXO6m%2FwjoI%2FlPU%2FjIkl18QzDs4XxHo2mVPF%2BHsRK2FWxd%2BLtYjeRKnY6i6EgF1HWyVpMRgmTnfmogbDOk%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c3cecee1934922b-FRA
content-type
text/html
date
Sun, 07 May 2023 22:33:36 GMT
location
https://www.xyg688.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO8k8YmpbSohWP%2Bdn4r61LqGjkxvz08%2BB1KjWGYUSyCkNdN3H427rgWrHrcoccqoDja4JPh2dPjVI4vygUvEr7q%2BRbKJ4ngyebMZs51Sq1HRAutuA7ss0oYg29ToysU3i5O7LAvo%2FsLG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fed949d1522fab95635d918cd446d6967df1ea7e898df795636ecc0d11d5316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47374
x-xss-protection
0
server
cafe
etag
18171578821495507579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:37 GMT
classic-themes.min.css
www.xyg688.com/wp-includes/css/ 		217 B
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/css/classic-themes.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 29 Dec 2022 01:29:28 GMT
server
cloudflare
etag
W/"63aced78-d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztj5EUIxtASYPYDRhCPm9eH7EhVqc92xlk1xapnAmuKn4y2ZofVvBwZx4a63wWQdEE%2B5%2FCE3f8BuWNI2Lb4FiwEiMrjvkSwMo58MK15rQn1EZZ%2FbnVO5HwS46A06WL%2Fuyp6AxaqJO25m6X3nkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec2922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
font-awesome.min.css
www.xyg688.com/wp-content/plugins/cyclone-widget//icons/font-awesome/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//icons/font-awesome/css/font-awesome.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-685b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgdKHxZTZBkhkFH0Lppw6Ki7BTBoC6eywq4zvbsRynVJwKSXqiaGFPnvnHrAxYCtjaxT6ltaR2A6ZD9GdQkoeMHhnZrdH5b%2FbdfIkBIShwZ0%2BMiOWXBTcWwFBZzWYpnu5zruFQmeCdgw8uhbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec3922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
style.css
www.xyg688.com/wp-content/plugins/cyclone-widget//css/ 		2 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//css/style.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d18753d8b7599855e54e3606c7d3a3883b71858fa2214bf84ee531d900756d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-8e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVi4PGFvJK0BZGPQgoOiK9dIOTYpWKtadkkmxyk7DsknEWginNbdr3aFl9YTUrOMaIojflvFtLkSyZ6knGCsMsy3sZKFTlicRYjU1HDwrlGcIVynXS8ORltUaVkUBP9fRrr97qosOKdTTlp2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec5922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
style.css
www.xyg688.com/wp-content/plugins/dw-reactions/assets/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/dw-reactions/assets/css/style.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da5c0644f7aaf6e36d363f1f46dac0395d57bb93125927171777e7c0a015d8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 03 Apr 2022 13:29:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6249a120-148f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stauot9rh%2FsZEm%2F%2Fft3jtO3fmJJp5oDXZIksXk1jR2%2F9oo62kl8yU%2BGnU2A7udvWar7jH3sKe%2BObQ7DwBDxZF9MS%2FL6eWl64FOpHg6wPgp16tNtx696oXe6kBSnsuYVllywIIwQyNM0PXhomtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec6922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:37 GMT
style-1.css
www.xyg688.com/wp-content/fv-flowplayer-custom/ 		110 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/fv-flowplayer-custom/style-1.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4bb2716d67abd0418fc59e28b241ed1a352e304ce085df371b2c3a92b51b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31006
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Feb 2023 00:03:25 GMT
server
cloudflare
etag
W/"63fd44cd-1b729"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF8GMQCctiDUmWbhGOlKjpf9OmIqK4jbmk%2FG%2B%2BoBWq5%2FCp3ab4dGlDUWb35yJH0bAk0sb3JqjbZ42wi3zVVCf1kUL70uwPwFpZ6xr6571Hna8a3mZIHhem8vOvLPfdenl7WzANbZLJ%2BaCRGYkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec7922b-FRA
expires
Mon, 08 May 2023 01:56:51 GMT
sek-base-light.min.css
www.xyg688.com/wp-content/plugins/nimble-builder/assets/front/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/nimble-builder/assets/front/css/sek-base-light.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22acf585e6bfc728a4a7b375be039a77e534885cd1b734a29e61306fb5b2a327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Oct 2022 01:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634caf64-5193"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxkVczCq7mQT5L%2BITYh7bk4GM6HwjUrcocJLzqW26%2FxAZyRRVaJKkJr3jFknPOonEBMwFucQJ5S%2Fulduxpvqwz4qmOKbjs4FdlnyFL4q1XXW3VyAWs4WTklEzDfTCWnIMs8l9ctm05KM%2FClv5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec8922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:37 GMT
sfwppa-style.css
www.xyg688.com/wp-content/plugins/styles-for-wp-pagenavi-addon/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/styles-for-wp-pagenavi-addon/assets/css/sfwppa-style.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30352c39b8b9975df38f2ecfaede3e62a1aab9932a767ea601adc3e43b374f47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 27 Mar 2022 07:54:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62401830-1c57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0qA9wX8H7sR57X9m3dcEhMs%2F1M1VIrMmq7l8OL3sxwiF2Q6%2F13QyG2iPoxYkwIVVu9A2AIsMFhdIMg4T%2BYmhz6Ay6eBM7GX06qlwIrj2gXUxycfKn65NKoJa0ioCkwkadw6Xw1XWN%2FG2vFpyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9bec9922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:37 GMT
wpfront-scroll-top.min.css
www.xyg688.com/wp-content/plugins/wpfront-scroll-top/css/ 		427 B
499 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b7c1cb7024340ea14c27be9e20ef8a67254a44f9fa22bc8dc8e9eb24a823e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 20 Dec 2021 07:31:12 GMT
server
cloudflare
etag
W/"61c03140-1ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gs815Y4IFe0Ouu4Iep82AKDDRsCex4qXI1oKr6cn7wQnvajM%2FGAEdcx%2FRWOCbzq4OT5CrzS%2FYhoWGo8JCxlSkI5VaLN9DhE2hrfnHYkUB0PqYbvIs7dabnsnz0SfK3S6BczaLrBJYJ%2FUt18RNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9beca922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
websitebox_index.css
www.xyg688.com/wp-content/plugins/wzbaibaoxiang/css/ 		84 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wzbaibaoxiang/css/websitebox_index.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fb36e11d784ffe5124aad65179b8954d1c2363ffc98ae1a505bed7e59443c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 31 Jul 2022 04:27:52 GMT
server
cloudflare
etag
W/"62e604c8-1503a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPaFYviTVYNjigpgjyeD9XH%2BkI8A9oQJ5hThoqom9Ri6L4vLa2G5y%2FhtpLhNcX1bpH0dQh0Ix%2FuDAj%2BeEpXIw0rDEasf8FbGxa6b7iwuGl9DDgjtp%2FdzgQuAAmR%2BaJ1vSA821KJIIyuzaghuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9becb922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
main.min.css
www.xyg688.com/wp-content/themes/hueman/assets/front/css/ 		92 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/css/main.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c16a00c35650ee5b15c15837700aaf8a1455bf18b2f579770174dd8d7531a21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 06:58:42 GMT
server
cloudflare
etag
W/"63a15d22-17095"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rx98JIoFcmYsr%2FNM0KTqNA5JRblDOFTpYcEK1F70eMheEK2vJSIh5vEPjyx8AD2CP34OWvgEQ0H1yBbpAHEqi%2F8uNwgi05xLrxLOn3bkoA7w2u3H6ufsxv1MBWsKWU6qT9ObQs%2FfURmLr7TZVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9becd922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
font-awesome.min.css
www.xyg688.com/wp-content/themes/hueman/assets/front/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/css/font-awesome.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23332
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-e877"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL1KNswwDK0A86A0cdCST7npSPGTxb2zci%2FCKHVQ5W2qufedHZcbq276T5LCdVC%2BbdImrTPjsStdC27Mu%2FNv3yVjiYXUrw22lx5EkfkcNzEkkBZuz1L8wERk%2FZUK14SvQTjm8Kc4a62PZic0jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9ced0922b-FRA
expires
Mon, 08 May 2023 04:04:45 GMT
social.css
www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6861c00f96e5e7c21d52edbccc7a699cbb1efd02b3e162d84802ae0636ec4063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 16 Dec 2021 07:37:42 GMT
server
cloudflare
etag
W/"61baecc6-26bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdSk6Di9hUvvtsGm7BEp4t3ydbKnoRtcIB8QqG6VlB%2FCsXhyHSrSV%2FmxeuuFE2Zy09IvUiTDlMWgc11S1EX4ZOjym6qZWaewPiH4EmrUOtco9XuI83afiQwzgiWO0OicG%2BdlLho8Mfi4TNYcpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9ced1922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
skp__home.css
www.xyg688.com/wp-content/uploads/nimble_css/ 		196 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/uploads/nimble_css/skp__home.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f0acbfc73a3586c7c57fe0f1270ad10ea18d6ecce23c4ce3286a4300ec709b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 07 May 2023 14:01:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6457af34-c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYkHvgVPznzQRgXZaVEX%2Bq%2B47AEhwKsaHidy949WFIt20iGXU952lzofcVLgppoq01tj9XTdNB1nt5rwRAdJBTYbjJYaLd04poFpAKy4MhWJ5z4sNpHJamP5eFOUVKVuXMqF8w6KKaH9ydexfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7c3cecf9ced2922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:37 GMT
jquery.min.js
www.xyg688.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 29 Dec 2022 01:29:27 GMT
server
cloudflare
etag
W/"63aced77-15e54"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GKRCH%2Fm4fh7Ww7xGDpWjR6Hr7baRQk%2FsX7lkn1cYxaqyEtoIShjA6OfhNSVsr%2FKENLQe4WT34ndj53isi5TKwuvcnO1EakxbVQx6wroryz9Ut6qS3EHtcyTxWg5BFVnSkFlpMINN9N4LxDFMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9ced3922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
jquery-migrate.min.js
www.xyg688.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erYnmngesqibAls9QDXZ2ZVb84bQiROE3eWBxcNxUStFF72s%2FpA2iTzrez7YZrNFfejOnWWWB%2BAUtbf18npRdts1QexFUuEnAUAQmfH7DZn9n5S8jCVK8aaoE0pXjDjuB4Ok%2Fpd%2FB5WYXTnOUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9ced4922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
custom.js
www.xyg688.com/wp-content/plugins/cyclone-widget//js/ 		902 B
518 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//js/custom.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead0c427f453ce09f3f8d3b82b3abdef0cf44a7d40d3d79387656b091dc91333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-386"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e%2FRYA3JT807R5K5Vt3kZVKoMuc1x4J8j6APKE2x6DuR0K87DmMAUo%2BekFdB2apTst7kC598pjgFFP70cK0FUHmerMk8jwSVDtmyOU9HPDmZus2%2BQvvqgQVBlZV%2BE14XEXghDX9tU14UJYGJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9ced6922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
script.js
www.xyg688.com/wp-content/plugins/dw-reactions/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/dw-reactions/assets/js/script.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15ea684d7a5187781c2e6d35e78d450f79ee641b69501286538a6b7c05b7b660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21386
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 03 Apr 2022 13:29:04 GMT
server
cloudflare
etag
W/"6249a120-b7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7X59MMo8NSEtyYjrx4k0OCVzXFKUkkC%2Fd2lsSubx50ihgQ1aaWct0Rv0Ik%2FgAVpyXrZgadP%2BIbgPqiHjoWBRh7aRWJ3apaAodKfmUs7xXtOi2dgZiRBWs3tsVm6eibyiXGWiNh0bzBJlIzCJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9ced7922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
jquery.qrcode.min.js
www.xyg688.com/wp-content/plugins/wzbaibaoxiang/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wzbaibaoxiang/js/jquery.qrcode.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43516bc7055626d7fd39779bca9318e44d3bacc356f3685406ad222d7ef65a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 31 Jul 2022 04:27:52 GMT
server
cloudflare
etag
W/"62e604c8-5d05"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dV%2FCiqLx8qoBtH7CmhYijxaO4Xcu4V8t3zwAfDYc1ZdafkZT98a8eiNddN1s48EL5gd7W1Pk%2FarJ%2B2jaWrKhQiq4XzYqXoPUX0MsdqkahEFJiECidsABsZ%2BqYBp1QEoYqeky3jo90%2BQQwMQbyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9ced9922b-FRA
expires
Mon, 08 May 2023 04:37:11 GMT
mobile-detect.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/mobile-detect.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
server
cloudflare
etag
W/"63a0ff37-9820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzqfK1nA2YAeOe%2F6eDxh0qPV78g4bUKuXlOSH1uO6R%2FyDb63Ptdtt08qB1kcfEfwiu65W8RT%2B6fv3%2BOuc4yJmoeZXN8%2BMZyVTWP5LTK08gFwwOhFYy2sY3wXjXZlB8EcjcZVzHGQslwFkkuA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcfcc62c1b-FRA
expires
Mon, 08 May 2023 02:45:08 GMT
jquery.flexslider.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/libs/jquery.flexslider.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
501f611306d68d8af2978e88b9dbb98afc052add852592930f3a7755e66ae22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a0ff37-5a3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpUCmW%2FKVka63ABuxecf78T9jP35AnwqOOyAkrpOITEwX3KZ5r6xmw5AbVA%2BGWjp5OQXHYz96LCU1b3xWu1VXsC8NdLjmdw85dNUnu5k4uoha01Atf3w%2BTSTr9aOiWIE9rv0PWJtCiuOjiIQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcfcc82c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c97ea953fe9b0793708c3a714a1a18e90340675fcc000e08652c679721ea68b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47443
x-xss-protection
0
server
cafe
etag
8634663834036905900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:37 GMT
fa-brands-400.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-13288"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPuFoRyX0D4tNGlDnf%2FvbsODMJNkv5nJuGKoQQ3JWxHEWjJP3e%2FLaePSkF90yyt0yyO5R4kKaWRUeMQpX6oX71%2FhfUtJ%2FGUhmwq1sja1CP4kEbGfC1x4dg1g24UgeJEzeDj7uznKusvc%2Ff1IGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9ceda922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78472
fa-regular-400.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-3514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U69H%2BuA7Hd13noXXi%2FpEVpMr9z0U1PSqPiziaemYruMZkYVcnrCFjhfyuZ8AC37cmsmJsfc%2FmEUacA0bdu1sU%2FVsQ%2FRJ7HhhLZ8QFZBUq4HXEagRFF4nw0cs1z9PwC7VwcVV%2B9g2WNR04feNLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cedb922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
fa-solid-900.woff2
www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-1397c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNm5bFX4CtPbcD4i7dZAY8sPYcEa9a1MAyBcVWUEVB6IdvLLBCHD%2BL0HeXfqPTxlHCJgnMyIE6HbkJf1oAEe0KV8qVf9oNr7ucoc4UrLQL5Savcdn8i0AYygLeiKvfIzn%2BfDkSNWxKj0g17WHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cedc922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
titillium-light-webfont.woff
www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/titillium-light-webfont.woff
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-6088"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Olvzcd31%2B1BdtndTCZkMkOHCcnk0%2BG6zZENj6cQbKqLAz7NlPn%2BPjLSPooyzI4kbyPZ4y7hJYzBr7jUeWsrE0yFKEnIBJ5X4cM12Z3y2h3hErWc%2F0K53bi%2BlSG%2BPir%2FSPCQWI9dFMuisg1%2BlCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cedd922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24712
titillium-lightitalic-webfont.woff
www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/titillium-lightitalic-webfont.woff
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97363b6ced0c1ca6d76ebcc6782512959cc8c5d6c8f40cb4976b4179bb685e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-6888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL%2Fg9h5TZ6ZqDQM7m6vrtKwp00S1rGEx2phpxqkULx7Rj7zJI3jV6845NoEAg0HkLrU6GfVKWaa1Kxee%2FXblJiyTD%2FtZTpLoxDpzz98rFOs%2FH%2BdFzA%2FwCLYmuByzi2n7JIQyzqCjV1Xouq9i9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cede922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26760
titillium-regular-webfont.woff
www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/titillium-regular-webfont.woff
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-6078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdc%2F7F%2B2EQEdNTzI1hecLEJ%2BfX54Aax7dH9GkztFwXkN6fbVnpQ3dtXRDk20F3FEHu8%2FAqp1JhSkYdMVUWT9yYp%2Fn6JvJWH27Bz6D1K%2BIYiOFCUDS3cP594DDQT%2F8WMm4lhuTfojzZGMdgc4og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cee0922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24696
titillium-regularitalic-webfont.woff
www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/titillium-regularitalic-webfont.woff
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbe8457cc41e254cb7fcd4dfa77c52c16413c18f35a370b77c5f07b4895562a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-67dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BT13rQ3NLcV71GeHTnGo7nftaAFcspYj2Po9Komio5muq8jzePX7ykyctwoWYRaU9i%2Fo8nGAOUQrGsElpHhnI4VjUbqajV10l1ZzgfBOFdc390da%2F%2FOnmg2OLX%2FoWCHIdrMx4MbCH%2FdVLpZp8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cee1922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26588
titillium-semibold-webfont.woff
www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/fonts/titillium-semibold-webfont.woff
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.xyg688.com/
Origin
https://www.xyg688.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a0ff37-609c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysXXgPK9hGqrlP66ks7PnvI8kjU%2F5VU9cpHMMTctZYIE%2FUe9oJ4Tn2c61%2BrdcgpTflbTDUQ9YPcz4uknyDZeQgojVwcUO0LpyoEGMOX%2BFreLp0ytW6DudMy1leXGwywKHanzfE65VPoEx5e%2Fwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c3cecf9cee3922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24732
jquery.fancybox.min.css
gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc37
date
Sun, 07 May 2023 22:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-jsd-version
3.5.7
x-cached-since
2023-04-28T12:25:42+00:00, 2023-04-28T12:25:44+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-jsd-version-type
version
server
nginx
etag
W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
email-decode.min.js
www.xyg688.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28yPCKx8IlmFv4B02ZltHFHXiiNkoRG5YRp4cZyXmkuDR8I61VjUPCpxZlnsUaV0jF2lcMFyf4idT9wjZexZKknjiDXlS5%2Bnuyd1Vmh8gHTfBMlCat%2FUQCv%2FWY0hZSgXFAtW%2BvS%2BF5CLLDdGpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c3cecf9deeb922b-FRA
expires
Tue, 09 May 2023 22:33:37 GMT
ads.js
www.xyg688.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		75 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef2638d96561575cf2e9017a180fe020e4a964abbe4d4081e56956c1a34c551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 19 Dec 2022 23:55:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a0f9d4-4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpbLrpR2tVLGadpCkvxAKHq2YHEk0yHMD4OiQls%2FZjo7tUSlnlAf1fQMVjEIYP27e62tCArihD%2B3Vux6wtbnapl%2Bd1XBb4Jv4vHVyXhiEt3XZyoqO8T7%2FmMyF5SBxAolFRBemf5ZIq3%2FxNgw2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecf9d9f72c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:37 GMT
95.png
www.xyg688.com/wp-content/plugins/wpfront-scroll-top/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/plugins/wpfront-scroll-top/images/icons/95.png
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc749b321d02fef9fdd5550423288af2435c4c66f4ca6b4da87ecdf09fcd4ed2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
457523
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1651
last-modified
Mon, 20 Dec 2021 07:31:12 GMT
server
cloudflare
etag
"61c03140-673"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT95iMiAaEy2edTwC9PGQJqU0V8RY1IKZv%2Bjod1j8R%2B0%2F6V7r3W%2FqV09rXxQV1j1wqfz8OYsQXTFx5aNDDAl6iWFnMSI1hkENF9bwys9DbIxXVzaYv080kTiuFJN2A84Ct462Y6L1aA7BSz7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3cecfcfcca2c1b-FRA
expires
Thu, 01 Jun 2023 15:28:15 GMT
instagram.min.js
www.xyg688.com/wp-content/plugins/cyclone-widget//js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/cyclone-widget//js/instagram.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc75d60bdc48129ec2e7cdbf2d0feb6fbb4b2b018bb26ea3b44f7ba51c45cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jan 2022 06:19:54 GMT
server
cloudflare
etag
W/"61dbd00a-87f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL7%2FigMzz1pRgRxJnjfVanQA6XSGmJPu%2B6Avp9e7t48PQOJEf3OoNou2luw32GS%2FrwJfkXHps%2FHsXAhMf2o0JdsW6Fjs59T3V56uepUD3Xq7kDhXhvvxq2fgjs2fWPA%2F0M6IscM7oH8KaeGqLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcdc9b2c1b-FRA
expires
Mon, 08 May 2023 02:45:08 GMT
wpfront-scroll-top.min.js
www.xyg688.com/wp-content/plugins/wpfront-scroll-top/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa10bb68da7339935c4a125a5d2835e93f808accd24ecee607c586ebac91f7e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 20 Dec 2021 07:31:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"61c03140-719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEuXQiixABBT2fVJ23T6FmWUierNNadp%2BJmImxBVkFttx4Pvx1SLFMl2CeTPLbzZsDLnFnj4rAaFjYFGoUifphB62CJ4m6rHWk9j1JxRy6kP67zQ72Y%2Bh5b7ASwJyenpeHyF5msTH0ib0HxASg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcdca72c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
underscore.min.js
www.xyg688.com/wp-includes/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-includes/js/underscore.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 29 Dec 2022 01:29:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63aced77-4991"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKUYwc3bOH8Dyg19MRSN6mO7CKQ5rpn3TnnsfF%2BKEwcvP%2Ft9X0nAwYegvRYkKlAdpM3JPs4DQNRGAuc6gwMnJTofJhnmbu1eS7X48oeMkcmZH0qOaD73JFwpt8u71o7S8CAQUfJakEphto%2FXkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcfcc12c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
hu-init.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/ 		641 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a0ff37-281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1dPiNd%2B80fsrQ7W31zER%2BVFAX8RyVS0PlYng%2BjQoc0460IGg2xg4XLNGUVageuK6GLne6Y2bKhmGvibMTEQUdj76JVdvraJDNv4DI4kGSWgCXQY5n%2F%2BMdNunOQtI1s44IYk5SljWohs%2FdvDHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3cecfcfcc32c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
jquery.fancybox.min.js
gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gcore.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
am3-up-gc88, fr5-hw-edge-gc37
date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
x-jsd-version
3.5.7
x-cached-since
2023-04-28T12:25:42+00:00, 2023-04-28T12:25:44+00:00
cross-origin-resource-policy
cross-origin
x-nginx
nginx-be, nginx-be
x-jsd-version-type
version
server
nginx
etag
W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cache
HIT, HIT
timing-allow-origin
*
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597672defc0051744b31aac483ff8626d98f3903355e344c9c7783d933553e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122157
x-xss-protection
0
server
cafe
etag
2705270941111264112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/ Frame A225 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9427080467518642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 16:54:19 GMT
etag
15057649708203361565
expires
Sun, 21 May 2023 16:54:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
7cebc7c49d4b856aee6945d707b4e3cd
cravatar.cn/avatar/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/7cebc7c49d4b856aee6945d707b4e3cd?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.83.153.70 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
Cravatar-Web /
Resource Hash
cf78a94950fc7e5a92b8d120c73a52cee3782ef51f0c5451b31f3bfd506b0e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sun, 30 Apr 2023 07:34:17 GMT
server
Cravatar-Web
x-cache-status
HIT
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
cache-control
max-age=300
avatar-from
qq
d43879056d0f80d6c0f91956333bba11
cravatar.cn/avatar/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/d43879056d0f80d6c0f91956333bba11?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.83.153.70 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
Cravatar-Web /
Resource Hash
0dcc7eee589c09d0bdc204289127d2c091d89be9f1fd61287099b396ef0e2f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 07:22:38 GMT
server
Cravatar-Web
x-cache-status
HIT
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
cache-control
max-age=300
avatar-from
default
b045ac4a8df0cd17674e6967bb669d4d
cravatar.cn/avatar/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/b045ac4a8df0cd17674e6967bb669d4d?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.83.153.70 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
Cravatar-Web /
Resource Hash
2e22a7e08288d8fb34f57ba013279b3a4b64d3f267fe3ecad13d734c5426cea2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 07:28:05 GMT
server
Cravatar-Web
x-cache-status
HIT
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
cache-control
max-age=300
avatar-from
default
11fff227c3f95c116486b812a51ff45a
cravatar.cn/avatar/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/11fff227c3f95c116486b812a51ff45a?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.83.153.70 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
Cravatar-Web /
Resource Hash
d09b720faf119b9c3a31da8de154e218563d03b4fb6f1d506d446167689bd1f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Sun, 07 May 2023 01:08:04 GMT
server
Cravatar-Web
x-cache-status
HIT
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
cache-control
max-age=300
avatar-from
qq
256f619f0cf34e047dbedc3deb8386b5
cravatar.cn/avatar/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cravatar.cn/avatar/256f619f0cf34e047dbedc3deb8386b5?s=96&d=monsterid&r=g
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.83.153.70 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software
Cravatar-Web /
Resource Hash
8f953f658356cb625b5b76fef9b0a998f9dfc821ae9e43976a51c55e546be5a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 07:42:42 GMT
server
Cravatar-Web
x-cache-status
HIT
vary
Accept-Encoding
by
cravatar.cn
content-type
image/png
cache-control
max-age=300
avatar-from
default
wx.jpg
www.xyg688.com/wp-content/uploads/2021/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/uploads/2021/12/wx.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78efc63f5080b21ed89c35bfbcf97382a59149aae1fadaf5e349312de5e93db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1222006
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20004
last-modified
Mon, 20 Dec 2021 06:07:54 GMT
server
cloudflare
etag
"61c01dba-4e24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4kx9xChcjo0B%2FxVlchsNt3KGn8xTWjnvHrYbOcYSNDMLFBfJUhbhMlFpDzQeHa26PK4X30e45XjQPjNxvFkQTXNyZvhqeHb1f%2B3deE%2FXQusiZLtfn0XaBQ4ccRMb4LPaUvqlt7hutuxyNoMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3cecfe4dd32c1b-FRA
expires
Tue, 23 May 2023 19:06:52 GMT
zfb.jpg
www.xyg688.com/wp-content/uploads/2021/12/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/uploads/2021/12/zfb.jpg
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60964ee353be12e47c742b5d244e3b3527ea1e6427c33715a63886244eda5fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1222006
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22176
last-modified
Mon, 20 Dec 2021 06:07:56 GMT
server
cloudflare
etag
"61c01dbc-56a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vg0Lzp6fFegxE7T6%2FpGIvP1RMAUxq3Hzsy%2Fd7gCaEfhsjlHUAZHrQPEhh9UaKx3QJb16Piq3yPk6p9GddqBWkaQDYSiGuD6Zt2qSWhC6Jr6LBQkWFxHg6UjIEwMRqWDtjwGneczhWq9oJOYDew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3cecfe4dd52c1b-FRA
expires
Tue, 23 May 2023 19:06:52 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.xyg688.com&callback=_gfp_s_&client=ca-pub-9427080467518642
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb59098068e25c2cacdf46e3877d8a443d562dbcc1eea6fd1b84ff40b8be189b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=websitebox_wztbaibao_box&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=websitebox_wztbaibao_box&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BB3B 		192 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&adk=1812271804&adf=3025194257&lmt=1683498818&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.xyg688.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498817630&bpp=452&bdt=84&idt=690&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5187996764705&frm=20&pv=2&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=715
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01b3b11686297ac8c4ff2a4e681b64cff7f024207e4221a7f140b5498a361530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40698
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
expires
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6294 		94 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a31f3861939da8407c0c5522439c1265d351216584ea64138bbaa83a25a7e65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
35586
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:38 GMT
expires
Sun, 07 May 2023 22:33:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ccat-nimble-front.min.js
www.xyg688.com/wp-content/plugins/nimble-builder/assets/front/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/plugins/nimble-builder/assets/front/js/ccat-nimble-front.min.js?v=3.3.2
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b2e5afc71ea7ef56511169f8e038a74633da27312f405f0b5eb74315a227d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Oct 2022 01:27:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634caf64-3db5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VriomsJ1CmTFX%2BP66q913mKVgb9SUp40PSylUesZJX%2F%2Fo%2BbIkDfjmGv0KdpLNYQ%2FEK6j%2BfwmvQwyJgB6ILTkh%2FKwDqpf7QUSn5gJkhUnFCXPHjUDjEXeYhHJPmyoV6OjJ1GA0jv25FXMbJocuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3ced001f712c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
scripts.min.js
www.xyg688.com/wp-content/themes/hueman/assets/front/js/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/scripts.min.js?3.7.23
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/wp-content/themes/hueman/assets/front/js/hu-init.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 20 Dec 2022 00:17:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a0ff37-1295c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TvY2Saj43wR%2BKLcuVoUqRmPiz9LH2Jkit0FFoWTvbE%2FgJm9wm8MTzsd0nFArCKB33u%2FqApdWRxe5hqn9%2B1RhE%2FWNoawJxmqjPstxfe0MeRkSJjXuJ73kazDusdMGWGZ1zZ3uy6d0SUD5yxcJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c3ced001f722c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 08 May 2023 10:33:38 GMT
13030609250319591772
tpc.googlesyndication.com/simgad/ Frame 6294 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13030609250319591772?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qly6JnMFHp1_yCk98zY3NnV72jZ3Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331f261e467e8b39826793f5981dc36a623c16dae1362d423d6994da8ffe5451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16751
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 23:35:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 22:33:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 6294 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 6294 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 6294 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6294 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:38 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 6294 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 20:04:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
8922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13048
x-xss-protection
0
server
cafe
etag
2238672519398939817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 20:04:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6294 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCFo2QidYZNPKF4eU78EPreuusAnQqrnQbqfUwej7ENqzgPLdMhABIPTKrpEBYLsGoAHqiZv-AsgBAqkCjViESgX1tD6oAwHIA8kEqgTQAU_QfAwJ6IHeck4XyP3CLIRb4iZSVCmf_VJVZGaPXIFKBB6iwWlAsxNn3NohdPJRbB_kD6h-Wvbkia88xTb1tTh8AjN050q_7M0cWIfC-6Z_Nb2mu5TngaUBvAE7G9lTGib41m-Q032A6rCQrDtBma0LHoRhu96EFllQ0LMIbBy4dpbwMqP9iBmQcNKkn9Yb6-bO4b7o5QnXayx5oAWvjBgPV1e5wEH4iwzfeib9WHC5XWLpaW9IEO_BvpgU7uZXPFHIFoART5PAsK6-xG83sQDABOfx4O-KBJIFBAgEGAGSBQQIBRgEoAYCgAf-9eSBAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENL5BdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItOTQyNzA4MDQ2NzUxODY0MhgA&sigh=jl7GYzIwFJ0&uach_m=[UACH]&cid=CAQSGwBygQiDPHMbkKQL8daV0mwMKg1miylqahxdkBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 22:33:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 07 May 2023 22:33:38 GMT
/
images.weserv.nl/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://media.st.dl.eccdnx.com/steam/apps/1515320/header_schinese.jpg?t=1672929833
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e98e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2563bfb61a0609fac02828315f7a07fddee3e8f21d31a11582be8382ea1188b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-images-api
5
date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
63850
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34081
last-modified
Mon, 24 Apr 2023 23:36:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4jUK19nHiUaaAL54sS8JAX0Z%2FK3QLdGTJjRyxumh26g2Xwmfdq8xiCB6VDkq6Iw1u6v3My3xDQONPahEnO5X0UGVZI4PQUXHnAHvOlEYByE0qZMv3Rzu1LHlNfD%2FaTGpKly2ZEYT8tjChJGegrh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1515320/header_schinese.jpg?t=1672929833>; rel="canonical"
cf-ray
7c3ced023b462bba-FRA
expires
Tue, 23 Apr 2024 23:36:15 GMT
/
images.weserv.nl/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://media.st.dl.eccdnx.com/steam/apps/1812300/header.jpg?t=1673562076
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e98e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf80ff67f3fc7d46b03af21e07cbaf3ce599eed2aa8c7659b92f597ecfe48043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-images-api
5
date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
59037
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31978
last-modified
Wed, 05 Apr 2023 11:20:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxbLQVhpVPADw5I377QzcT1rWMd40sY0oEAio28NBCoT6XsOfF8RO2SL9G%2FwLOPtc5KFy1qrE7x8%2B8kmlTWNAGoxTcoplC3njbQzTaVxb%2Bcv1aF1GI0oGeVS2kBh1geS4fXJAn4JkPw%2F4Jd0ArSE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1812300/header.jpg?t=1673562076>; rel="canonical"
cf-ray
7c3ced023b472bba-FRA
expires
Thu, 04 Apr 2024 11:20:31 GMT
/
images.weserv.nl/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://media.st.dl.eccdnx.com/steam/apps/805550/header.jpg?t=1650495062
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e98e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31c1d0a0cb96c1c15715c701cc263306008541e62ac8c1b629fef4959cebbff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-images-api
5
date
Sun, 07 May 2023 22:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
MISS
x-upstream-response-length
32207
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20253
last-modified
Fri, 05 May 2023 04:11:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B%2FoSXmG%2BF1kkpnR0npqglX5fHZSp0fHSHDGAoJ3wRKnrWgb%2FUIsnFWIuDMslO3klE%2FqSP3EK%2FRgXiTbMvJE7yq9AcUsXHuhEh%2Bl7w7CFR%2FlmqSNMv9Z7hm46UCCp5EJVcam01CyWChadiQwK5ee"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/805550/header.jpg?t=1650495062>; rel="canonical"
cf-ray
7c3ced023b482bba-FRA
expires
Sat, 04 May 2024 04:11:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 579A 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6294 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdde4e7cb3ca77ba2c6bf13644c1f2ce5f41e066d85e02eba9332e0e1c643df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 579A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
expires
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame 15F8 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=600&slotname=6513834662&adk=3798025896&adf=3776209372&pi=t.ma~as.6513834662&w=280&fwrn=4&fwrnh=100&lmt=1683498818&rafmt=1&format=280x600&url=https%3A%2F%2Fwww.xyg688.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498818089&bpp=190&bdt=544&idt=259&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=3990&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=nUaV57KlxY&p=https%3A//www.xyg688.com&dtd=263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
45868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 09:49:11 GMT
/
images.weserv.nl/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.weserv.nl/?url=https://media.st.dl.eccdnx.com/steam/apps/1824580/header_schinese.jpg?t=1682606486
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e98e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed33f1550cc4236ba0d9abea728cc10c56f28448b131fe1340c7ab7a021ec9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-images-api
5
date
Sun, 07 May 2023 22:33:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
x-upstream-response-length
63205
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=image.jpg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32694
last-modified
Fri, 28 Apr 2023 02:47:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBmYQhGqlxaH7fsLCN68A6Ng9MwcyqdEEz3UPU05%2FdkgsRr3gGN7LWjK5aINoeEYLymCGOkIAqkBmGWdiIOP3cscoS%2F%2B6uyH7zM7bkTMU8ZB0ER7nv96L2dN1LceLjF8GSJ1jaIjQz6Q0wIPQq7d"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
link
<https://media.st.dl.eccdnx.com/steam/apps/1824580/header_schinese.jpg?t=1682606486>; rel="canonical"
cf-ray
7c3ced030bfc2bba-FRA
expires
Sat, 27 Apr 2024 01:40:09 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14aa966625d0652b02e26bc8cde0dcd9482999b6aa2f41b2c1ee83051c23647a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52348
x-xss-protection
0
server
cafe
etag
657136409678931020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 51FC 		119 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e90d8105bfe741a635c65ff75346962000467ddd5073b4c41f6e7a710ffe512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
45921
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0078 		121 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ff14b4dda8cd692ccccf5e6a8c6c90cfb7354858f7791982c733f1567cc72bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
47157
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7AE0 		119 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
024e208f5fe126fc3d7ae33a8c52126c4b8ce65101ebf9c4469572188b11dc04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46250
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.xyg688.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/ Frame E7AE 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 20:58:15 GMT
etag
15057649708203361565
expires
Sun, 21 May 2023 20:58:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E7AE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 21:23:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7AE 		205 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:37:47 GMT
x-content-type-options
nosniff
age
21352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 May 2024 16:37:47 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E7AE 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 19:20:51 GMT
x-content-type-options
nosniff
age
11568
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 06 May 2024 19:20:51 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/ Frame E7AE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 18:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
15823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8031
x-xss-protection
0
server
cafe
etag
4566461469134147509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 18:09:56 GMT
css
fonts.googleapis.com/ Frame 825C 		9 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 20:45:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 825C 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 825C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 825C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 825C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 825C 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:39 GMT
edd8a89eee97155325ac5eb40edd3aca.js
www.gstatic.com/mysidia/ Frame 825C 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/edd8a89eee97155325ac5eb40edd3aca.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 02:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13633
x-xss-protection
0
last-modified
Thu, 04 May 2023 21:06:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 04 Aug 2023 02:12:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5652 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:10:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5652
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230502/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
expires
Sun, 07 May 2023 22:33:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 7AE0 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 22:33:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
css
fonts.googleapis.com/ Frame 7AE0 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 21:27:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7AE0 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6fabcc25e001128bc84c06755e659872844fb290bdba73e6839bc0c19efbc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 21:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13525
x-xss-protection
0
server
cafe
etag
4484237407982831356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 21:02:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7AE0 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 7AE0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7AE0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 7AE0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
l
www.google.com/ads/measurement/ Frame 7AE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqGWE-7rMEHvNylebp2KbCNy4q1Qm_wDY8w-j1l97ygKhpzUs3fhuJzJPcpn_4W0_53xmZRwM_hTkI2w7RUO49FXKHjg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 0078 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 21:57:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
css
fonts.googleapis.com/ Frame 0078 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 21:44:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0078 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6fabcc25e001128bc84c06755e659872844fb290bdba73e6839bc0c19efbc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 21:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13525
x-xss-protection
0
server
cafe
etag
4484237407982831356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 21:02:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0078 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 0078 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0078 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 0078 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
css
fonts.googleapis.com/ Frame 51FC 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 22:33:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
css
fonts.googleapis.com/ Frame 51FC 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 May 2023 22:27:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 May 2023 22:33:39 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51FC 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e6fabcc25e001128bc84c06755e659872844fb290bdba73e6839bc0c19efbc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 21:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
5485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13525
x-xss-protection
0
server
cafe
etag
4484237407982831356
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 21:02:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51FC 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53484
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683228402947650"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 May 2023 22:33:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/ Frame 51FC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:55:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
16661
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8767
x-xss-protection
0
server
cafe
etag
1250930375877819641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:55:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 16:55:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
20309
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 16:55:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/ Frame 51FC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230502/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 17:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
16612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7943
x-xss-protection
0
server
cafe
etag
8166942304926428282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 May 2023 17:56:47 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/15353652551619363117/ Frame 7AE0 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15353652551619363117/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIwAIQwAIYASABLQAAAD8wwAI4wAJFAACAPw&rs=AOga4qnpcn7KhkPVpI2cWAFN8Dh66WbOrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ef375e6b0f1a51ebac6da974011f3b9a2c72cbd18257ec533ecc3dbdee0598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47199
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 16:53:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 22:33:39 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/15353652551619363117/ Frame 0078 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15353652551619363117/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIwAIQwAIYASABLQAAAD8wwAI4wAJFAACAPw&rs=AOga4qnpcn7KhkPVpI2cWAFN8Dh66WbOrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ef375e6b0f1a51ebac6da974011f3b9a2c72cbd18257ec533ecc3dbdee0598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47199
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 16:53:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 22:33:39 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0078 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
91803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7AE0 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
91803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7AE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoX2tQydYZPT2FI7l6wSCtYmQCI3m-pFwxca77u8Mp9Psl5YTEAEg9MqukQFgleKQgqAHoAGJhfudA8gBBqkCuEm_tTNnsj6oAwHIA8sEqgTPAU_QsegXjd18efvt8jk2z3aP5jVzepwdr733BBl1gdY_RhnpOY_ZTQwXC5UTjguTz5Tzqe48NIcr0JjDgjnwRy2NXbImjerwwBaO4LEhxhfB7eHKgZt_Z4iirxKAqtBLo3ftyPEvzgJovjZmb0YR3NJnCwl8G2PPFcUXfLwRney64JuwNGvfU-hmEdv3YRZKorTh-rYewTMh83-sFyzFdy_81iZlYgA2uVoS_WSDkVMKLh7ILagYSkK-l2wXDeEukdrQGX1gxN3-cAoddfdcr8AEzIDniv0BkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB9_6hGKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCKjgTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMKiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk0MjcwODA0Njc1MTg2NDIYAA&sigh=GngD2B5uKgc&uach_m=[UACH]&cid=CAQSOwBygQiDFzleg6OjOdFImNA-i5HRO_j0V_bbmplLFLSfXP9LBRJ3Aq3rwHWyKqA836_irHpQLVBO2r0bGAE&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5621 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Mon, 08 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7837 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Mon, 08 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/15353652551619363117/ Frame 51FC 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15353652551619363117/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIwAIQwAIYASABLQAAAD8wwAI4wAJFAACAPw&rs=AOga4qnpcn7KhkPVpI2cWAFN8Dh66WbOrQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08ef375e6b0f1a51ebac6da974011f3b9a2c72cbd18257ec533ecc3dbdee0598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47199
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 16:53:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 22:33:39 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 51FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CR82oQydYZIzeFJOD6gSqh5bgA43m-pFwxca77u8Mp9Psl5YTEAEg9MqukQFgleKQgqAHoAGJhfudA8gBBqkCuEm_tTNnsj6oAwHIA8sEqgTPAU_QOKQa1Odg6fIViN9l97qHUEKa-caNSMv-n-lIEVViWaABQYA3_eM7qU6BOx7yhySbI7dy23FqTa0gMVhuS-DXLmznx6YetOLfZZYQGMTwl7oE3Sw5jJyUQ257qrDUn9PcKtyGWini4T5_oRDfTxgIgkEYk7jF8l_QyMpkvtqpT61MUOz9dAu2EcMAB1lbGt34Ihhe6h4KT6AZ8giarzpiBf6tINcYAN6N-pGJ3f0VnAFsQ-B4TJqzFsKgiClHWPMxXYPNtoZGNbA7PYk0DcAEzIDniv0BkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB9_6hGKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDhjwTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMKiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk0MjcwODA0Njc1MTg2NDIYAA&sigh=1FDmGgzLgJQ&uach_m=[UACH]&cid=CAQSOwBygQiD7Zzctt06b3CWfuDtCnjA-0FO3q98p7nr_qZJFYp2CGGpvLihXSqruVqnldSNAnofaGEMQvuTGAE&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 51FC 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
91803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
truncated
/ Frame 0078 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c84b22b5edd886451127dfe8d12e77b7fe13614b6da11e0af12e55af4fefe4d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7AE0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e58f1e38402cfe574bff1585efc2574efe45fc3bed03c9564779a0fc14b78f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 0078 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4DtNQydYZPXvFPTY6gTJ_57oA43m-pFwxca77u8Mp9Psl5YTEAEg9MqukQFgleKQgqAHoAGJhfudA8gBBqkCuEm_tTNnsj6oAwHIA8sEqgTPAU_QNOVzIUklxwcDBV-OuYZd8Ca_Gls2lMVGHvA4ozbf_Ju8XKIBgcJcIIGGuax-MMex3ANLurl_EsD7GLCcuqZPY67JiPgBxDo04_wQPRQvkeKpxhW0Rh4DHs6Y9-IVZkiTotFr-jbaMbP-JnldIvvHCjMrG8NZA2I3LUamdZewL9SBMzrg7Ef4Ow-B0eMzV_E93VikNKXAHxCMEMy5P4k-j40-vy8Qa8dw279Ln1gtob6osvedEN_yoSdsdOugtTnFutH9ntoQVebBUPJ7TcAEzIDniv0BkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB9_6hGKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCKjgTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMKiBQC0BUBmBYBgBcBshccChoIABIUcHViLTk0MjcwODA0Njc1MTg2NDIYAA&sigh=uEmgyGigNAM&uach_m=[UACH]&cid=CAQSOwBygQiDeEkNeCPGpy4d6gAmL7Ipg4v_kLNlCuNcxvOSxq7giAkngkEnBufEhx7eX4fxwX_LOmjfTtagGAE&template_id=492&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 May 2023 22:33:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1768 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Mon, 08 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5621
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1&google_push=ATf1kGP011hklbNNtZj8HzO7vQe5M6HoSVlWGuMHFSJ0JHtm4KUVQUhets2NRj2gPkVf17c9sChM2t09PpZyPIShAowCK0UAeK5Bj70
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyMDEyNDYxMjMxMDM0MTg0Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 07 May 2023 22:33:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKmVfvWCoGDWkGsvgqa3I1I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 5621 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENExva6yClaCmppo8fEHoVY&google_cver=1&google_push=ATf1kGNvCnV_1HfgKeAKAW-DIhPKh7ku6md4eM5BjsCPW_t4NZjtOrFphn0_aC3va-zKJPOQ3oVaT_TYx3LBIMRClXyW0An1MQxn7LE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams04-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 5621
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9D...
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c3ced0ac86239c8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
347
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzH9PPKCzVvYhaE5D6mf7w&google_cver=1&google_push=ATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMfMicQi1sNlg2I3bg9jenkBHI2CV0FQR1LJ_sdB4G25l4CQlcg2qUAY3fWtHU0Y28F1El7IJN02YbnOAoGVcuMGSGho9Dbf84%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c3ced08ceee39c8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5621
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELfmeFK7UWx-BV2Pv2vRgjg&google_cver=1&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0wGdnT88imfIaBaxU
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84FC1CE882C94C7491473D6F8FD2D789&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84FC1CE882C94C7491473D6F8FD2D789&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0wGdnT88imfIaBaxU
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 22:33:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84FC1CE882C94C7491473D6F8FD2D789&google_push=ATf1kGM_Dg3g9Fgi07UeYNu-aUgu3XU2x6krJ_o6okaAe8JUKAdTT9dZIHf7Zl2fR1MvXFzXGnI7XbkZmrnp-L0wGdnT88imfIaBaxU
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 06 May 2023 22:33:39 GMT
pixel
cm.g.doubleclick.net/ Frame 5621
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOi-y4BmTRRUD6f95I0p8LM&google_cver=1&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOi-y4BmTRRUD6f95I0p8LM&google_cver=1&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITy...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433827760429286&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM&google_hm=UeACPbdRTQqUKR_Y818Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM&google_hm=UeACPbdRTQqUKR_Y818ZWg==
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPtQ5fIPTX8CFCS4EgLNaoiXygrrzPf0Clltq29Tp_QOygrCRDFZ50SuMF_2qWXYT2jE3wj4LMVQTHITyXNbf-6FwYt-7d95xM&google_hm=UeACPbdRTQqUKR_Y818ZWg==
date
Sun, 07 May 2023 22:33:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5621
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFtSYO_EjUSkrnmZylN4alg&google_cver=1&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-B...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-BD9KQHh7Q&google_hm=eS0yZnNkVGh0RTJwRjh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-BD9KQHh7Q&google_hm=eS0yZnNkVGh0RTJwRjhTcDZBSjNqN1Y5d1pCOW1xUl9HTH5B
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMfhGDIZiL9oD3Sk0vMYur2EeNPUNRNE8RHc4MuiDOiAZ_hDKtdq64GOFelEx3nl4UiufuzlFXw4czalxdITf40E-BD9KQHh7Q&google_hm=eS0yZnNkVGh0RTJwRjhTcDZBSjNqN1Y5d1pCOW1xUl9HTH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5621
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_hm=ZFgnRLRvWhemB6wL9-01wwAADSAAAAAB&google_nid=index&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_hm=ZFgnRLRvWhemB6wL9-01wwAADSAAAAAB&google_nid=index&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7vq1G6yiDtd--KqYL6CqAlrARII4pxQFdQoM9DvjmfUd9hByvR1umlUbGJxo0DIlzAHI
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 May 2023 22:33:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECRSyq6T6kg26Zdm9AxicvY&google_hm=ZFgnRLRvWhemB6wL9-01wwAADSAAAAAB&google_nid=index&google_push=ATf1kGM9GmmfUaVZMRCf1v4p7JQrYcC9qT-7vq1G6yiDtd--KqYL6CqAlrARII4pxQFdQoM9DvjmfUd9hByvR1umlUbGJxo0DIlzAHI
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 5621 		0
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpKu5f7eLcuPUEKZRD9L5_ihq3eKOupuyFyJWTXHjrpDTf_m5GpPC3MghJzYgdn2MTvkjW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 51FC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89d37a238f60424fb9f9409de275efa20c3f9bd7bda9edcff04f7043feb8fcf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECxqDUu9_S0vrDmo-5YkhS8&google_cver=1&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pz...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pzH21AJ1lL0Do9Svs
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pzH21AJ1lL0Do9Svs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 07 May 2023 22:33:40 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x31 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMbmW4EIrhW7LE9JNO0SjTNYWyf7g4rNRLeHEGOP1EkaiC4ehCu2JTbxE90qcEJ-BmqsGbEHIKEMSfBV_pzH21AJ1lL0Do9Svs
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 07 May 2023 22:33:39 GMT
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJtPwaa_-ryyJK9l9J4WnpY&google_push=ATf1kGM458q95cG24w5ydIDM8ieJxyyD66QtFLmyXxGjKdSQYjMXd6ldsU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJtPwaa_-ryyJK9l9J4WnpY&google_push=ATf1kGM458q95cG24w5ydIDM8ieJxyyD66QtFLmyXxGjKdSQYjMXd6ldsU9Uyk78Pzjr16fTGUDh0Mu6G6IIgVfE7YZngSmNdgAC9-Q
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230100-FRA
pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1683498820.007274,VS0,VE91
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJtPwaa_-ryyJK9l9J4WnpY&google_push=ATf1kGM458q95cG24w5ydIDM8ieJxyyD66QtFLmyXxGjKdSQYjMXd6ldsU9Uyk78Pzjr16fTGUDh0Mu6G6IIgVfE7YZngSmNdgAC9-Q
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELPWers2c7VW7oCDloOcqjU&google_cver=1&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNu...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDU3MjM3MDQ3OTgwNjYwNg%3D%3D&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNuw8wO...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDU3MjM3MDQ3OTgwNjYwNg%3D%3D&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNuw8wORRAZ6WgPkL-tY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIzMDU3MjM3MDQ3OTgwNjYwNg%3D%3D&google_push=ATf1kGMD9BnvcHlQRD53jURmf88FnnmPb6AbDZHRaHUiZOy6yhVF20H9NJ0sGVtM-k4_SWYhh3Aum3jDtromNuw8wORRAZ6WgPkL-tY
Date
Sun, 07 May 2023 22:33:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBE6zM3q8n6Sq0mra_M10UQ&google_cver=1&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKf...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBE6zM3q8n6Sq0mra_M10UQ&google_cver=1&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqj...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPzUSjzZYGrVTvXJNjfslt-WPS5JvXI2H_x53p5xV7d2CqphYIK5T8AHOvWnDtSXZWkDGcsyWf5I2ma7jhyppPqjKfFxHmKmw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dds
rtb.openx.net/sync/ Frame 7837 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBDQZP9iNKAwVMnf2hAoNBA&google_cver=1&google_push=ATf1kGNE3ZMVRVDXkh-F7PY6PUprf1c11yvVE2H40lF1OM_ZsbZNchFGECFeN0SqoXT2nTWctUtJ_8cCuqDLs9Zqa2HqNryhtiYHEfs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lgunuppjojceos6kiv53qrfv6phv60th
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGLIlhkrjMUoTIcpy2PPuiA&google_cver=1&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhEWlFCMlktMVItRlJPUA==&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKkZy3gxA8t2AZ6BOEu-Ke1eWQdlkbI
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhEWlFCMlktMVItRlJPUA==&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKkZy3gxA8t2AZ6BOEu-Ke1eWQdlkbI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhEWlFCMlktMVItRlJPUA==&google_push=ATf1kGPztt0K9-ROTlDWARdIuG2bDc4eGVmm6cn5eGJQo3dtSqdk8quOxC8SqsoG0xZXdAR_pKkZy3gxA8t2AZ6BOEu-Ke1eWQdlkbI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7837
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEInFnCoX4N0O07-GQED12ks&google_cver=1&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpE...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpEm9ApaFOdc6ZqVgd8q5w
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpEm9ApaFOdc6ZqVgd8q5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMYv0a9TKTP3wfZ4fI-d4ypE3n1GIJkyawFXYBfPEdBXmKdW1SqDp6oxN8yWte_BKqBf9IArm_2pBpEm9ApaFOdc6ZqVgd8q5w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 7837 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDYijVqiBMiAXjXsxw2OUEEMNhLv_Tn4DgkP_UFKFITr0r0s3wIx4Zt7E4lC7tOf0fDfVj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame BE71 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=1619719563&pi=t.aa~a.2021485020~rp.4&w=980&lmt=1683498819&nsk=15543c07&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=2&bdt=1737&idt=2&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467%2C980x467&nras=4&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=3158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=IKRNyI0QWA&p=https%3A//www.xyg688.com&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
45868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 09:49:11 GMT
google
match.adsrvr.org/track/cmf/ Frame 1768 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK1pZjjNfwLBdtLC6sBM66U&google_cver=1&google_push=ATf1kGPncspIqfkRd1g6DQv20aEmxuyekj4tMIq59WEo11ZtVO2SoB8pifhh8ssTD1WvClHp3EIYwR5epUMh5UudBrCeQro0b3G78ps
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1768
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFeQ8p8ffc2n4VqqWQN_tTU&google_cver=1&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF4wHCL7U-_e03rRmahy1w&google_hm=39CohBj1Qcybdvx4v...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF4wHCL7U-_e03rRmahy1w&google_hm=39CohBj1Qcybdvx4vYDMR0Y
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGOv1gLYYe5EqlfOAeJW7eIiS-nWU3lV9hWRJcEGh-zIj9bePs1F3_mdN8bLXepw-WSSCb5v1bHT0sF4wHCL7U-_e03rRmahy1w&google_hm=39CohBj1Qcybdvx4vYDMR0Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1768
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBHPdAiSSleI-Sx2FfGjb_o&google_cver=1&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO5...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OclXbrc-TfSFKzjwCisJSA2&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO54S7chOBnmPodzSQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OclXbrc-TfSFKzjwCisJSA2&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO54S7chOBnmPodzSQ
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 22:33:40 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OclXbrc-TfSFKzjwCisJSA2&google_push=ATf1kGPSN0kozsDfBGetxfQehlEbcNwRFFhUMFAaXBfj9JimCmBQrH7oh3wC0TbmdXEXDjlGc6Nxy9Oy4MsLJnO54S7chOBnmPodzSQ
x-host
tde-deliveryengine-production-797dcffc79-8vfcb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1768
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFtSYO_EjUSkrnmZylN4alg&google_cver=1&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_1ke86eLE&google_hm=eS1QYnNreGpaRTJwRWk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_1ke86eLE&google_hm=eS1QYnNreGpaRTJwRWk1WGZGcGI5OUxFU3ZFdHE1VWM3cX5B
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNELARQdupQJrrWqcvrrtnRFzs5kkynIUqliYMnMZKASflYXfkuc5MaU9-YZUvMQpEIZ1fqAxyqFxvVzIgy_UtCFM_1ke86eLE&google_hm=eS1QYnNreGpaRTJwRWk1WGZGcGI5OUxFU3ZFdHE1VWM3cX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1768
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFX68iHJ9fUwN0ZQLwQck90&google_cver=1&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOH...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFX68iHJ9fUwN0ZQLwQck90&google_cver=1&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ON...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg2NjIzNTM0MTExNDA1Mzc2Mg&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg2NjIzNTM0MTExNDA1Mzc2Mg&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOHS68Lp7qqV1ag30MBS8g2klo
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg2NjIzNTM0MTExNDA1Mzc2Mg&google_push=ATf1kGODw9AIg8LylM5k5OxwZuA3CzNFz1xda4tVkwf7qmfsrTsIsCeE5aDuxj0Dh5bPyIa17ONcZnOHS68Lp7qqV1ag30MBS8g2klo
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync.aspx
dis.criteo.com/dis/ Frame 1768 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPvHY34AZMGgSrPq-r0s8ww&google_cver=1&google_push=ATf1kGOhrCHoZXDvKmFJkVhPlb1Yphsf5KvlM-vRzX7Vm_MooqCyVO0KWT0F855zqyYDhA9dOgYQoPDHRfuxjkhqbheCDwX5iELdGGU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:39 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
311890
expires
Sun, 07 May 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 1768 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBDQZP9iNKAwVMnf2hAoNBA&google_cver=1&google_push=ATf1kGMQp1zMnI5u8zpHWnlFHSIXDa297c1SMKuiM_a-QBXY1sHu7TcBSxM6XIhtEnTARkdszY93FUnIXxbPU1bOZgK6WlYd1beKpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 May 2023 22:33:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
568p1v08am1ifrlr0ebrtrf3v3c63icm
attr
cm.g.doubleclick.net/pixel/ Frame 1768 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkvPeMrTBB5NmhO7uC0K9woBh278-tad7r9B2A7YIXFzYTiERJHTJ9F-jpvz8TQcPx8ztS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame FADA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3305564881&pi=t.aa~a.2240417765~rp.4&w=980&lmt=1683498819&nsk=5b5d2ec2&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600&nras=2&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=1501&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=HtA41vTlJ8&p=https%3A//www.xyg688.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
45868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 09:49:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ce0f76e0c29af21112a4b4be918895ac7ce7a37fcdda2a279940e72bc3fb800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11092
x-xss-protection
0
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame 0787 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9427080467518642&output=html&h=467&adk=3219435505&adf=3435960032&pi=t.aa~a.299337268~rp.4&w=980&lmt=1683498819&nsk=80c3a7e&rafmt=11&pwprc=4005296234&format=980x467&url=https%3A%2F%2Fwww.xyg688.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683498819282&bpp=1&bdt=1736&idt=-M&shv=r20230502&mjsv=m202305020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4a15ff143ed07bbc-221d3a70c3dd00c0%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MbVbGKxehps2WOifVT45sxhpnu1LA&gpic=UID%3D00000bf861bf8bd4%3AT%3D1683498818%3ART%3D1683498818%3AS%3DALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A&prev_fmts=0x0%2C280x600%2C980x467&nras=3&correlator=5187996764705&frm=20&pv=1&ga_vid=958041314.1683498818&ga_sid=1683498818&ga_hid=860659847&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=140&ady=2209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44773810%2C44759875%2C44759926%2C31073764%2C44788441%2C44789779&oid=2&psts=ABHeCvgKYVLzZZ_AIGC-fAPjVl2P4bt6r23Dcp0rkkXRp-WXDdWbYZGX7Gy5mGntEWF156Tp7Ex00I3PsfpdrOn6-Y4gGvic&pvsid=4037730368384027&tmod=2089111786&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=7jJjamB72t&p=https%3A//www.xyg688.com&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
45869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 09:49:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9427080467518642&plah=www.xyg688.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 May 2023 22:33:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FFA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 16:55:45 GMT
expires
Mon, 06 May 2024 16:55:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E862 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
902f1fb7680cd195bf7aa126d94fc4d4626396bdf189300430163fee1a6a20be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DPU1gtlmnBPZ__ncVGg7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.xyg688.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DPU1gtlmnBPZ__ncVGg7qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 May 2023 22:33:40 GMT
expires
Sun, 07 May 2023 22:33:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
pagead2.googlesyndication.com/bg/ Frame 4FFA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 09:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
45869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14855
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 May 2024 09:49:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E862 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=4037730368384027&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4FFA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dujt1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=4037730368384027&bg=!BQalBlLNAAYV_mUANf47ADkAdvg8WlC4G_9tvKHS74FEIdz-pYvxfMxi1XGuhhqiclIwqGEX4MiUpTOrJ6YyaZ7-i3YhylN2glACAAAARlIAAAAEaAEHmQLNoSclTtj28IdRNd2UshDWWa-LPhK_Q4uXwtTCJFATVIi7D-37e_F-xvh8rRSoB2hpNsQA7er51gR3YwT0K00f2M2hXQ9JS5qyLTiFzWo0t_yFf-i_PNoPkHplEYb_3L0BmRkRhwicM6GrfawWIq-y4eEM3RtegjVkoBzvIAvDe1yMRt6gHeUmR-UViM5Y5kmnt6ir9sylvxLl2VxR82zy_xdN-dSlPVr_YotEq4aJLeC5XUIIJirm-Z8xsUZyjEI4A-VXVySqDsLZFBur46lkuMssD4hcOPIGvn9p7wpwVwPhTflIDVyur-vIk_4nBVt4SyerA_1Dfa8a64DcrhJa3xmsAAC2winjM7jT3jpbksvqpcXhtjP7cEobrmRTobftyp2GzWcyxroOIPMpSQGQBUsQfiTP1lQfie_aBaD8i9A117Sb5ErU5b9fReAWnFn7HDbff9aDFiQy9bIKvl6F67jnY1ng1CmkfvtjGKbIxaxXiHoQtJNQXe29NbIyU-T7qKEhgDAyOnNAxG3K08rPEEXqsN0w3EdCnEOh8-aAf4w-yMNjYPgdwuAEvry_qDorRsnv-Mh0GLMPkPTRW4wrngLsHvrQ1uhF9eeZoU0GCOGd1277xI6QESzkPcJ42E8vsEd43GiMTRFeybTCnaaVZ8Y0P0CauY2OCa5ONcmQYPw-p6cNGfdkGrMFFQKBVU3Wru2-MisueZu0vRPXvZpBJ2lgWSsq2LN4QfEJ_BZz-8vKMfSwf79S423jnxx-3pEBMd_Sc6lTrt54kAxxdCT69s80lb977mrIdJ9HebVD_HM9HvvS6qqV1Qk9llQ-_7_NUXs0Jgbr4EytBnBTB_g3HKlVY79FoO0fBC8aE4TN5ztwkb2Q4YjaN8Q2sg0-F0905XC5p8bYgEFzqS7aefPdVjXIzh16pOolcUZBM51PWWmMnrS-tRPL8kUbFkuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
v2.ui2.close2.png
www.xyg688.com/wp-content/plugins/wechat-social-login/assets/image/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/image/v2.ui2.close2.png
Requested by
Host: www.xyg688.com
URL: https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1c42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1269148eba5c47ce07d332a181a33bf6c78f7e09ec1bb598c6e0c648070f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xyg688.com/wp-content/plugins/wechat-social-login/assets/css/social.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:33:41 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1222005
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1182
last-modified
Thu, 16 Dec 2021 07:37:42 GMT
server
cloudflare
etag
"61baecc6-49e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5HMBK2wVtzvoDb29K5FjRSjS3OJ2s9ab17BDre44NZuKZYkjptR70tmfpHAfp4%2FlWIP1H6PEnpw7R3zQHL2H9xK4pgrJt5vBhaxFsOOo6cHPTNYKLrvoMB9LUoNqmG%2BO7pT2dw00vk6swGy%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c3ced148f122c1b-FRA
expires
Tue, 23 May 2023 19:06:55 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 boolean| credentialless object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| sekFrontLocalized object| nb_ undefined| $ function| jQuery object| dw_reaction function| adsenseLoaderConfig function| adsenseLoader function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 function| wpfront_scroll_top_init function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| wpfront_scroll_top function| _ object| HUParams function| _load object| xh_social_view function| wsocial_dialog_login_show function| __modal_wsocial_login_resize function| MobileDetect function| tcOutline object| czrapp function| Waypoint object| _params object| $_to_center_with_delay object| googletag function| _trigger boolean| nb_allImagesLazyLoadedForScrollToAnchor object| _visible_list object| google_llp object| GoogleGcLKhOms

30 Cookies

Domain/Path Name / Value
www.xyg688.com/ Name: wp_xh_session_050f920e85de064de828e63d202b6615
Value: 19368d83748173613e857a56fa8f6921%7C%7C1683671616%7C%7C1683668016%7C%7Cb984adb08b6ad158f9a16b62d6ccf15b
www.xyg688.com/ Name: quads_browser_width
Value: 1600
.xyg688.com/ Name: __gads
Value: ID=4a15ff143ed07bbc-221d3a70c3dd00c0:T=1683498818:RT=1683498818:S=ALNI_MbVbGKxehps2WOifVT45sxhpnu1LA
.xyg688.com/ Name: __gpi
Value: UID=00000bf861bf8bd4:T=1683498818:RT=1683498818:S=ALNI_MZ6cp5CX0h5AdWaxrqW0mnhVY43_A
.doubleclick.net/ Name: IDE
Value: AHWqTUnJVcERGIE4oPYD1GplygtIp_UObhkWI8lfoCPNb9_baE39Yx87rq1hajQ8bK4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.simpli.fi/ Name: suid
Value: 84FC1CE882C94C7491473D6F8FD2D789
.adfarm1.adition.com/ Name: UserID1
Value: 7230572370479806606
.ctnsnet.com/ Name: cid_dfd0a88418f541cc9b76fc78bd80cc47
Value: 1
.ctnsnet.com/ Name: gid_CAESEFeQ8p8ffc2n4VqqWQN_tTU
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2239C9576E-B73E-4DF4-852B-38F00A2B0948%22%7D
.mathtag.com/ Name: uuid
Value: 52156458-2743-4b00-8a5e-e161a3e7a57b
.mathtag.com/ Name: mt_mop
Value: 4:1683498819
.casalemedia.com/ Name: CMID
Value: ZFgnRLRvWhemB6wL9.01wwAA
.casalemedia.com/ Name: CMPS
Value: 3360
.casalemedia.com/ Name: CMPRO
Value: 3360
.yahoo.com/ Name: A3
Value: d=AQABBEQnWGQCEADeKy3G3GLsdZHeP6fwMfQFEgEBAQF4WWRiZAAAAAAA_eMAAA&S=AQAAAj_tJb65HjOv7vnT1boEXbM
.de17a.com/ Name: guid
Value: 1.8389555942381391376
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 51e0023d-b751-4d0a-9429-1fd8f35f195a
.bidswitch.net/ Name: c
Value: 1683498820
.bidswitch.net/ Name: tuuid_lu
Value: 1683498820
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFgnRAAIXjH9BABL
.adform.net/ Name: uid
Value: 5866235341114053762
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjc3MzAxsjSyMBPiM9Q1MvKPKEwM8y9K8vQGAPHgB8slAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjc3MzAxsjSyMBPiM9Q1MvKPKEwM8y9K8vQGAPHgB8slAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1vFwmtoZmFsYmlhYWRgZGwIACq2sG0QAAAA
.turn.com/ Name: uid
Value: 4320124612310341847
.tribalfusion.com/ Name: ANON_ID
Value: ainseFt3er66AxvPABpV4tIcrRT84ZbSKXXSceTsq4FT07ePbyskTLb0nydkmcZcyUy8KfBxNX0Zb0HQP4yiWmh

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
cravatar.cn
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gcore.jsdelivr.net
googleads.g.doubleclick.net
images.weserv.nl
match.adsrvr.org
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
www.xyg688.com
x.bidswitch.net
xyg688.com
142.250.186.162
151.101.66.49
172.83.153.70
178.250.7.11
185.29.134.248
185.80.39.216
193.0.160.130
213.155.156.184
2606:4700:3035::6815:1c42
2606:4700:3038::6815:e98e
2606:4700::6812:18ad
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a03:90c0:41:2801::62
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba
34.91.62.186
35.186.193.173
35.186.253.211
35.190.0.66
35.71.131.137
37.157.3.30
46.228.164.11
51.38.120.206
52.57.183.137
69.173.144.138
85.114.159.118
89.207.16.204
01b3b11686297ac8c4ff2a4e681b64cff7f024207e4221a7f140b5498a361530
024e208f5fe126fc3d7ae33a8c52126c4b8ce65101ebf9c4469572188b11dc04
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
08ef375e6b0f1a51ebac6da974011f3b9a2c72cbd18257ec533ecc3dbdee0598
0a31f3861939da8407c0c5522439c1265d351216584ea64138bbaa83a25a7e65
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dcc7eee589c09d0bdc204289127d2c091d89be9f1fd61287099b396ef0e2f8d
14aa966625d0652b02e26bc8cde0dcd9482999b6aa2f41b2c1ee83051c23647a
15ea684d7a5187781c2e6d35e78d450f79ee641b69501286538a6b7c05b7b660
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00
1c97ea953fe9b0793708c3a714a1a18e90340675fcc000e08652c679721ea68b
1d1714057127e8cd32d3d493eae000981b88d6b1906b4592b96f3776b4f077ba
1e90d8105bfe741a635c65ff75346962000467ddd5073b4c41f6e7a710ffe512
22acf585e6bfc728a4a7b375be039a77e534885cd1b734a29e61306fb5b2a327
2563bfb61a0609fac02828315f7a07fddee3e8f21d31a11582be8382ea1188b7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ce0f76e0c29af21112a4b4be918895ac7ce7a37fcdda2a279940e72bc3fb800
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e22a7e08288d8fb34f57ba013279b3a4b64d3f267fe3ecad13d734c5426cea2
2e6fabcc25e001128bc84c06755e659872844fb290bdba73e6839bc0c19efbc6
2fb36e11d784ffe5124aad65179b8954d1c2363ffc98ae1a505bed7e59443c59
30352c39b8b9975df38f2ecfaede3e62a1aab9932a767ea601adc3e43b374f47
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
331f261e467e8b39826793f5981dc36a623c16dae1362d423d6994da8ffe5451
3e4bb2716d67abd0418fc59e28b241ed1a352e304ce085df371b2c3a92b51b73
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
497e63a5579fcb89c02b41883243a33a50b3a21a21c9d30425d1ea925c7b5a5e
4d1269148eba5c47ce07d332a181a33bf6c78f7e09ec1bb598c6e0c648070f18
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501f611306d68d8af2978e88b9dbb98afc052add852592930f3a7755e66ae22e
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5758d1ad3c6f35962da2c4d2e162cf59ef64dc0954c54171eaa73babbb2af9e2
597672defc0051744b31aac483ff8626d98f3903355e344c9c7783d933553e17
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60a1310153b2f271b21004a33c348c2a96f2e096b7f69493ece8807057a7c76d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ff09a8013f9dfc0f7cbefc6feb180c258818e151aff470902f29ef44342f0d
6861c00f96e5e7c21d52edbccc7a699cbb1efd02b3e162d84802ae0636ec4063
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6df968e65ed4801aeaf8c0633eeeea07d7639f9048302b29d87359730e76c869
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
7d25d283cffb27454f0defc451d2f1d42ea8ce681aa56a395817871b895420cd
84b7c1cb7024340ea14c27be9e20ef8a67254a44f9fa22bc8dc8e9eb24a823e2
89d37a238f60424fb9f9409de275efa20c3f9bd7bda9edcff04f7043feb8fcf8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8daaa4ed16297478af007774febefe6ca3674fda47ed73e913b1b583d34883fb
8dbe8457cc41e254cb7fcd4dfa77c52c16413c18f35a370b77c5f07b4895562a
8ef2638d96561575cf2e9017a180fe020e4a964abbe4d4081e56956c1a34c551
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
8f953f658356cb625b5b76fef9b0a998f9dfc821ae9e43976a51c55e546be5a3
8ff14b4dda8cd692ccccf5e6a8c6c90cfb7354858f7791982c733f1567cc72bc
902f1fb7680cd195bf7aa126d94fc4d4626396bdf189300430163fee1a6a20be
95d18753d8b7599855e54e3606c7d3a3883b71858fa2214bf84ee531d900756d
97363b6ced0c1ca6d76ebcc6782512959cc8c5d6c8f40cb4976b4179bb685e53
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fed949d1522fab95635d918cd446d6967df1ea7e898df795636ecc0d11d5316
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b1e60ce2facc4b28ff2513394e4dee5f00cf194733cd42de119fdd2fb2010c90
b31c1d0a0cb96c1c15715c701cc263306008541e62ac8c1b629fef4959cebbff
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
bb59098068e25c2cacdf46e3877d8a443d562dbcc1eea6fd1b84ff40b8be189b
c16a00c35650ee5b15c15837700aaf8a1455bf18b2f579770174dd8d7531a21e
c60964ee353be12e47c742b5d244e3b3527ea1e6427c33715a63886244eda5fc
c84b22b5edd886451127dfe8d12e77b7fe13614b6da11e0af12e55af4fefe4d5
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdde4e7cb3ca77ba2c6bf13644c1f2ce5f41e066d85e02eba9332e0e1c643df9
cf78a94950fc7e5a92b8d120c73a52cee3782ef51f0c5451b31f3bfd506b0e54
cf80ff67f3fc7d46b03af21e07cbaf3ce599eed2aa8c7659b92f597ecfe48043
d09b720faf119b9c3a31da8de154e218563d03b4fb6f1d506d446167689bd1f5
d48ce98c517477b521a4aef635b943cac461fc3b6f52b4f4b6fbe0d83a6e06d4
d78efc63f5080b21ed89c35bfbcf97382a59149aae1fadaf5e349312de5e93db
da5c0644f7aaf6e36d363f1f46dac0395d57bb93125927171777e7c0a015d8c4
dcc75d60bdc48129ec2e7cdbf2d0feb6fbb4b2b018bb26ea3b44f7ba51c45cab
e0be8ceb2d04986e171369b3adac55b939dd5aa721857190ed77868420c95b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e58f1e38402cfe574bff1585efc2574efe45fc3bed03c9564779a0fc14b78f7c
e8b2e5afc71ea7ef56511169f8e038a74633da27312f405f0b5eb74315a227d2
ead0c427f453ce09f3f8d3b82b3abdef0cf44a7d40d3d79387656b091dc91333
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ed33f1550cc4236ba0d9abea728cc10c56f28448b131fe1340c7ab7a021ec9b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43516bc7055626d7fd39779bca9318e44d3bacc356f3685406ad222d7ef65a3
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f8f0acbfc73a3586c7c57fe0f1270ad10ea18d6ecce23c4ce3286a4300ec709b
fa10bb68da7339935c4a125a5d2835e93f808accd24ecee607c586ebac91f7e0
fc749b321d02fef9fdd5550423288af2435c4c66f4ca6b4da87ecdf09fcd4ed2