www.cantoneseinput.com Open in urlscan Pro
209.182.195.97 Public Scan

URL:
https://www.cantoneseinput.com/
Submission: On March 18 via api (March 18th 2021, 11:40:13 pm UTC) from US

Summary HTTP 62 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 62 HTTP transactions. The main IP is 209.182.195.97, located in United States and belongs to INMOTION, US. The main domain is www.cantoneseinput.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 14th 2021. Valid for: 3 months.

This is the only time www.cantoneseinput.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	209.182.195.97 209.182.195.97	22611 (INMOTION) (INMOTION)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
62	11

10 209.182.195.97 (United States)

ASN22611 (INMOTION, US)
PTR: vps56546.inmotionhosting.com

www.cantoneseinput.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.inputfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	362 KB
9	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	71 KB
9	inputfree.com www.inputfree.com	596 KB
4	googletagservices.com www.googletagservices.com	135 KB
3	gstatic.com www.gstatic.com	32 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.com adservice.google.com	313 B
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	647 B
1	cantoneseinput.com www.cantoneseinput.com	10 KB
62	10

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	www.cantoneseinput.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	www.inputfree.com	www.cantoneseinput.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.cantoneseinput.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.cantoneseinput.com
62	12

This site contains links to these domains. Also see Links.

Domain
www.pinyinput.com
www.cangjieinput.com
www.simpleinput.com
www.jyutping.com
www.facebook.com
www.inputfree.com

Subject Issuer	Validity	Valid
cantoneseinput.com cPanel, Inc. Certification Authority	`2021-03-14` - `2021-06-12`	3 months	crt.sh
inputfree.com cPanel, Inc. Certification Authority	`2021-03-14` - `2021-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.cantoneseinput.com/
Frame ID: 988DA2E59F6EDCC9A379AA5AE75B71D8
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 8BBACA772B909A70C584D0C79DF950F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=7923531656&adk=840753360&adf=1928852200&pi=t.ma~as.7923531656&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787645&bpp=15&bdt=4541&idt=63&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6406315447479&frm=20&pv=2&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=x0JV60pWy4&p=https%3A//www.cantoneseinput.com&dtd=83
Frame ID: 8E5DB7FB4A1F5536188929076A28A1C3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=1876998059&adk=3671617547&adf=1730739854&pi=t.ma~as.1876998059&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787660&bpp=3&bdt=4556&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76acn5Oxpt&p=https%3A//www.cantoneseinput.com&dtd=82
Frame ID: B1358C4A81869A4D74A0AD9345FD46BD
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=3609934589&adk=3393691578&adf=3560713065&pi=t.ma~as.3609934589&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787663&bpp=1&bdt=4559&idt=82&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UmHiGrLjWu&p=https%3A//www.cantoneseinput.com&dtd=85
Frame ID: DFE9ED9B8B6A37AE091CC88E327CD76C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&adk=1812271804&adf=3025194257&lmt=1616110787&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616110787664&bpp=1&bdt=4560&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=93
Frame ID: 956E40E1CFD6962AAE70B7FA2EC0E8D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: 50CDFEAB656EE465A62A9A34555AAC02
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: 7D69653ED14A9DE88D80B6F8799A20AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js
Frame ID: 09579291FE908FAE3CC3B173E6BDB194
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: CF2186A8D408AD1960280F3788F206E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

62
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

1226 kB
Transfer

2688 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pinyinput.com/
Title: 網上拼音輸入法

Search URL Search Domain Scan URL

URL: https://www.cangjieinput.com/
Title: 網上倉頡輸入法

Search URL Search Domain Scan URL

URL: https://www.simpleinput.com/
Title: 網上速成輸入法

Search URL Search Domain Scan URL

URL: https://www.jyutping.com/
Title: 網上粵拼輸入法

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cantoneseinput
Title: facebook

Search URL Search Domain Scan URL

URL: http://www.inputfree.com/
Title: inputfree.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.cantoneseinput.com/ 40 KB
10 KB 734ms
155ms Document
text/html 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 10dab6d81f47b7588e4c65da057ad59bebb2f411bb74d1956f61620b13aecd05

Request headers

:method: GET
:authority: www.cantoneseinput.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
server: Apache
set-cookie: spacebar=1; expires=Fri, 19-Mar-2021 00:39:43 GMT; Max-Age=3600 engwordsinput=1; expires=Fri, 19-Mar-2021 00:39:43 GMT; Max-Age=3600 chiwordsinput=1; expires=Fri, 19-Mar-2021 00:39:43 GMT; Max-Age=3600 explanation=1; expires=Fri, 19-Mar-2021 00:39:43 GMT; Max-Age=3600
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 9688
content-type: text/html;charset=utf-8

GET
H2 200 style.css
www.inputfree.com/engine/css/7.6/ 7 KB
2 KB 766ms
154ms Stylesheet
text/css 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inputfree.com/engine/css/7.6/style.css
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 1aaf2a247e60b1f52ebdb5862ce44f815287ae54acaba11267e9cf7b39af5801

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 16:22:30 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1683
expires: Sat, 17 Apr 2021 23:39:43 GMT

GET
H2 200 codecantonese.js Show response
www.inputfree.com/engine/js/ 37 KB
22 KB 902ms
290ms Script
application/javascript 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inputfree.com/engine/js/codecantonese.js
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 5a2ee703e476c27daa7c8a508b80659c351da7cebea3315f66f4ffafc7c327d9

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 22:34:21 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 22489
expires: Sat, 20 Mar 2021 23:39:43 GMT

GET
H2 200 chiwordscat.js Show response
www.inputfree.com/engine/js/ 711 KB
345 KB 1050ms
438ms Script
application/javascript 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inputfree.com/engine/js/chiwordscat.js
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 2e30e9fd41027e7171059cae5aa8f7f67494e61edba770bd7323db10b1c9373b

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 10:26:10 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
expires: Sat, 20 Mar 2021 23:39:43 GMT

GET
H2 200 engwordsexpand.js Show response
www.inputfree.com/engine/js/ 351 KB
174 KB 910ms
298ms Script
application/javascript 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inputfree.com/engine/js/engwordsexpand.js
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 941c10bb2b782b2f66e786acf02de7a50270f713b715fe5eb0e3ea129c822304

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 14:20:30 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
expires: Sat, 20 Mar 2021 23:39:43 GMT

GET
H2 200 ime.js Show response
www.inputfree.com/engine/js/7.6/ 43 KB
10 KB 767ms
155ms Script
application/javascript 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to

Full URL: https://www.inputfree.com/engine/js/7.6/ime.js
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 0884fc0792d31ff407e105ce22281c82347150dc1e6d8763a49f5fcc6a42ff10

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
last-modified: Sun, 03 Jan 2021 15:47:07 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
content-length: 10020
expires: Sat, 20 Mar 2021 23:39:43 GMT

GET
H2 200 titlecantonese.jpg
www.inputfree.com/engine/images/7.6/ 16 KB
15 KB 545ms
543ms Image
image/jpeg 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inputfree.com/engine/images/7.6/titlecantonese.jpg
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 640b4845875deb83c1f2d936539dea685fb38504089e8ddf79569530b810be70

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:44 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 00:26:25 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15204
expires: Sat, 17 Apr 2021 23:39:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49785
x-xss-protection: 0
server: cafe
etag: 5737719656913929434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 23:39:43 GMT

GET
H2 200 navbuttons.jpg
www.inputfree.com/engine/images/7.6/ 19 KB
19 KB 539ms
538ms Image
image/jpeg 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inputfree.com/engine/images/7.6/navbuttons.jpg
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: d2f79137d92059b06c5e7318e4125301c247a13a918faee06ab8683b10982b6f

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:44 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 00:26:25 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18998
expires: Sat, 17 Apr 2021 23:39:44 GMT

GET
H2 200 biggif.gif
www.inputfree.com/engine/images/7.6/ 5 KB
5 KB 519ms
518ms Image
image/gif 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inputfree.com/engine/images/7.6/biggif.gif
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: ab73d29e297bce702da3f73e5428b592819e56046b81623e0003c1198e455268

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:44 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 00:26:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5317
expires: Sat, 17 Apr 2021 23:39:44 GMT

GET
H2 200 functcantonese.jpg
www.inputfree.com/engine/images/7.6/ 5 KB
4 KB 154ms
154ms Image
image/jpeg 209.182.195.97
INMOTION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.inputfree.com/engine/images/7.6/functcantonese.jpg
Requested by: Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.182.195.97 , United States, ASN22611 (INMOTION, US),
Reverse DNS: vps56546.inmotionhosting.com
Software: Apache /
Resource Hash: 4bb4374b56bf7141c4ed096bc9eb05918e443292aa550a0a7c7c81f2e3fe0b35

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 00:26:23 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4277
expires: Sat, 17 Apr 2021 23:39:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.cantoneseinput.com
URL: https://www.cantoneseinput.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 682
date: Thu, 18 Mar 2021 23:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Mar 2021 01:28:25 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266732652464817&plah=www.cantoneseinput.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 23:39:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 8BBA 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 18:01:35 GMT
expires: Thu, 01 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 20292
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
395 B 47ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1275143695&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cantoneseinput.com%2F&ul=en-us&de=UTF-8&dt=Online%20Cantonese%20Input%20Method%20%E7%B6%B2%E4%B8%8A%E5%BB%A3%E6%9D%B1%E8%A9%B1%E8%BC%B8%E5%85%A5%E6%B3%95&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1407499689&gjid=358637333&cid=217836442.1616110788&tid=UA-1052176-2&_gid=1193488980.1616110788&_r=1&_slc=1&z=462782032

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 23:39:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cantoneseinput.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
647 B 109ms
58ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.cantoneseinput.com&callback=_gfp_s_&client=ca-pub-7266732652464817

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266732652464817&plah=www.cantoneseinput.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b15d49108598c74b50165bd9d2d140bfaf680e926e466e33ff6f79ca6957a10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cantoneseinput.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cantoneseinput.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E5D 64 KB
22 KB 459ms
445ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=7923531656&adk=840753360&adf=1928852200&pi=t.ma~as.7923531656&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787645&bpp=15&bdt=4541&idt=63&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6406315447479&frm=20&pv=2&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=x0JV60pWy4&p=https%3A//www.cantoneseinput.com&dtd=83

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9117a6eb6cc086a2475b5e3790b4ed502692921370253dd5cab45418319581c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=7923531656&adk=840753360&adf=1928852200&pi=t.ma~as.7923531656&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787645&bpp=15&bdt=4541&idt=63&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6406315447479&frm=20&pv=2&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=x0JV60pWy4&p=https%3A//www.cantoneseinput.com&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 23:39:48 GMT
server: cafe
content-length: 22783
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 23:54:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 23:39:48 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:47 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B135 61 KB
21 KB 405ms
401ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=1876998059&adk=3671617547&adf=1730739854&pi=t.ma~as.1876998059&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787660&bpp=3&bdt=4556&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76acn5Oxpt&p=https%3A//www.cantoneseinput.com&dtd=82

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f98d9d7c6bdc4a0face18a0a0f6684bc3391acdcbf40bf4fac23ef7bdbac469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=1876998059&adk=3671617547&adf=1730739854&pi=t.ma~as.1876998059&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787660&bpp=3&bdt=4556&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76acn5Oxpt&p=https%3A//www.cantoneseinput.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 23:39:48 GMT
server: cafe
content-length: 21399
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 23:54:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 23:39:48 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
92 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1052176-2&cid=217836442.1616110788&jid=1407499689&gjid=358637333&_gid=1193488980.1616110788&_u=IEBAAEAAAAAAAC~&z=2031274366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Mar 2021 23:39:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.cantoneseinput.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFE9 64 KB
22 KB 475ms
474ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=3609934589&adk=3393691578&adf=3560713065&pi=t.ma~as.3609934589&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787663&bpp=1&bdt=4559&idt=82&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UmHiGrLjWu&p=https%3A//www.cantoneseinput.com&dtd=85

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2598d2950f4ca1984c448743151fe954c791eb3e2c19c3dd111f0ad9442ca3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=3609934589&adk=3393691578&adf=3560713065&pi=t.ma~as.3609934589&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787663&bpp=1&bdt=4559&idt=82&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UmHiGrLjWu&p=https%3A//www.cantoneseinput.com&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 23:39:48 GMT
server: cafe
content-length: 22541
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 23:54:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 23:39:48 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 956E 0
549 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&adk=1812271804&adf=3025194257&lmt=1616110787&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616110787664&bpp=1&bdt=4560&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=93

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7266732652464817&output=html&adk=1812271804&adf=3025194257&lmt=1616110787&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1616110787664&bpp=1&bdt=4560&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250%2C300x250&nras=1&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=93
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Mar 2021 23:39:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 23:54:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 23:39:47 GMT
cache-control: private

GET
H2 200 bgl_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame B135 5 KB
3 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/bgl_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=1876998059&adk=3671617547&adf=1730739854&pi=t.ma~as.1876998059&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787660&bpp=3&bdt=4556&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76acn5Oxpt&p=https%3A//www.cantoneseinput.com&dtd=82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c506296ca312c789a1a1952e5c70ee8a40a80c4cbbef8169df8f996d97d3d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 22:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2553
x-xss-protection: 0
server: cafe
etag: 5036628006222996298
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 22:00:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B135 2 KB
997 B 33ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:38:27 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame B135 17 KB
7 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:30:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B135 2 KB
2 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B135 117 KB
36 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B135 13 KB
6 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:43 GMT

GET
H2 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame B135 25 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 47088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/1904325946179857769/ Frame B135 55 KB
55 KB 35ms
22ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1904325946179857769/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2457bd25ffca0559129d24bc85cb9f779b4913f15374c1f2733645e4c4eef94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:58:11 GMT
x-content-type-options: nosniff
age: 24097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55964
x-xss-protection: 0
last-modified: Fri, 17 May 2019 05:52:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 16:58:11 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4054772915905394141/ Frame B135 3 KB
3 KB 34ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4054772915905394141/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcf18d73a90d3a026b12f437ecc96b8955bea3d674545d75ab7da4ca31c00761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 23:47:42 GMT
x-content-type-options: nosniff
age: 172326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3367
x-xss-protection: 0
last-modified: Wed, 01 May 2019 12:36:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:47:42 GMT

GET
DATA 200
OK truncated
/ Frame B135 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame B135 0
0 45ms
41ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJN13w-RTYOeWL5aV9u8Pm8KckAeWpoLsYfyG8uK0C64CEAEg0OCfG2CViriCyAegAdyZ3uwDyAEJqQKt1-5owKCEPqgDAcgDywSqBMYBT9Dp10HicMW8NBEZ6ewrPxrlEAVq7HII_r8nCKX8cbtEHhnYv6BVzvNFpzydug9EeG4HHWcZ9-kF6LxXLqbzAV1WTrx2lIF41PFUSsBqEKQhvjNUwCWCJGKCBF5UpkW-DBtHMw5uWPQE0m5W91o5vpFUhbgyAjVQn2jNHahQH-ULt-7v8KOj5SqxZBS_NkL9BVOWf3ev0BxbTzUpP-807pmIE8AA7KjVG8dTdFkpf-YRb3hLya4Pc8MMsAdVvvjY7lNgW3yEwATc1cG1kAOSBQQIBBgBkgUECAUYBKAGLoAHjOahE6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCe6VrSCAkIgOGAEBABGB-ACgHICwHYEwyIFAKyFxoKGAgAEhRwdWItNzI2NjczMjY1MjQ2NDgxNw&sigh=ZtzBf4kcIgc&template_id=484&tpd=AGWhJmtYur6VxgruBc_MKhC6j9dWuGfPpCaPpYD0k0c1wDqaDQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=1876998059&adk=3671617547&adf=1730739854&pi=t.ma~as.1876998059&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787660&bpp=3&bdt=4556&idt=78&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76acn5Oxpt&p=https%3A//www.cantoneseinput.com&dtd=82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 23:39:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:48 GMT

GET
DATA 200
OK truncated
/ Frame B135 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 133f586759b095b523486c93bd574bf988c05dd97b4d51938b386810a77cf95a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8E5D 2 KB
987 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=7923531656&adk=840753360&adf=1928852200&pi=t.ma~as.7923531656&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787645&bpp=15&bdt=4541&idt=63&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6406315447479&frm=20&pv=2&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=x0JV60pWy4&p=https%3A//www.cantoneseinput.com&dtd=83

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:38:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8E5D 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:30:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8E5D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E5D 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:48 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 8E5D 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:43 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame 8E5D 25 KB
11 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 47088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/816456955766653253/ Frame 8E5D 47 KB
47 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/816456955766653253/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

667ec5f1d26b7cef11076bb0d2e8c8606b411ad8baa86af1f1d658ad51971ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 02:02:28 GMT
x-content-type-options: nosniff
age: 164240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48252
x-xss-protection: 0
last-modified: Wed, 06 Jan 2021 11:22:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 02:02:28 GMT

GET
DATA 200
OK truncated
/ Frame 8E5D 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8E5D 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-3Wfw-RTYN2cL5OtlQeNiJEYvoel9GHVvt-A9AyuAhABINDgnxtglYq4gsgHoAGLva-hAsgBCagDAcgDywSqBMkBT9CCgyWB0hbW8dAoTF_9TAG-fnKsm-HHHySA9UPovt42bU5O5fqI_syZtS4uiK3TXG7DUBdfRonVeqG2uLtMANXoOPLHTn8Qdd-28kNAdV4nM5p4IZ1XHXDnoXdI9Av34uSRRDUK5wuiP908jzoFPvb-o0Ap7iu0z0nR0rZtkMvVSznS4ygKquLpcVxRpKrSqk3jFKAMKMuSXBgwIaUlEwsxJ8x_n4p94frR_u9Bv9b0qa_F2M7ctd_U-IA3eiGBZcu3v3F0cd-8wASwxYXYrQOSBQQIBBgBkgUECAUYBKAGLoAHrfTg4AGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ1Nor0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTcyNjY3MzI2NTI0NjQ4MTc&sigh=aF1H9rSjeMQ&template_id=484&tpd=AGWhJmuUlbFQknS9Y0zc2txWWpD9KbLT1x3ub1HAOdi3JGeHFw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=7923531656&adk=840753360&adf=1928852200&pi=t.ma~as.7923531656&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787645&bpp=15&bdt=4541&idt=63&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6406315447479&frm=20&pv=2&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=x0JV60pWy4&p=https%3A//www.cantoneseinput.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 23:39:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DFE9 2 KB
919 B 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=3609934589&adk=3393691578&adf=3560713065&pi=t.ma~as.3609934589&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787663&bpp=1&bdt=4559&idt=82&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UmHiGrLjWu&p=https%3A//www.cantoneseinput.com&dtd=85

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
server: cafe
etag: 8551179781376740118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:38:27 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame DFE9 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 15132876316592709121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:30:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DFE9 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFE9 117 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980836519751"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36389
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:48 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame DFE9 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5991
x-xss-protection: 0
server: cafe
etag: 8832118191516519848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Apr 2021 23:39:43 GMT

GET
H3-Q050 200 957c89dfc9e78dd5a0a3956da91f5358.js Show response
www.gstatic.com/mysidia/ Frame DFE9 25 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/957c89dfc9e78dd5a0a3956da91f5358.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 03:13:35 GMT
server: sffe
age: 47088
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10839
x-xss-protection: 0
expires: Wed, 16 Jun 2021 10:35:00 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/13129033185141287161/ Frame DFE9 31 KB
31 KB 11ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13129033185141287161/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deba331a4a5496bd18844c7153fa987b2e67ec32569150089429a130176f1084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 07:06:04 GMT
x-content-type-options: nosniff
age: 146024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31289
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 10:54:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 07:06:04 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8509207514970701138/ Frame DFE9 2 KB
2 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8509207514970701138/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d946e470baf7bdd0ad391ea7ff4c0ded5f4a6f5ea0e3209f77065eb1ff94d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:47:00 GMT
x-content-type-options: nosniff
age: 175968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2433
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 02:22:35 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 22:47:00 GMT

GET
DATA 200
OK truncated
/ Frame DFE9 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 50CD 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 61686
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:31:42 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFE9 0
0 41ms
41ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct-Quw-RTYJ6XL7TH7_UP4IOesA2-h6X0YYeMi-acDa4CEAEg0OCfG2CViriCyAegAYu9r6ECyAEJqAMByAPLBKoExgFP0NOAKwABIGQ1BqBxwMn2qDBfocs6Xu6rK-5UR51VfcEfvKFGDxM_HgNGA-8kgL546I52nRf0U9viCf7wQEJ0VNm9VNkBVpzQzPxpuCL1NG6-8xD0GvkpkClVWgmYrWQUfJDIIYMh6bqrR_dwdLD4oE7djxNn6VwdWsbEQpyLyazAcEmGlTwGyIJ-CB-c43dgcbjIp1_lRf102wM1pFUV4ev6rCm5RJehd2Gu6gZkn8D6WmrGh98Dkl4T-Z4Aw4zSV7vRS_7ABLDFhditA5IFBAgEGAGSBQQIBRgEoAYugAet9ODgAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCHoR7SCAkIgOGAEBABGB-ACgHICwHYEwyyFxoKGAgAEhRwdWItNzI2NjczMjY1MjQ2NDgxNw&sigh=8v0p2HCa2Pg&template_id=484&tpd=AGWhJms2njBd_Dl97ACISlRdho1P6sQEeqXM26G8C-qnlmNfzg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266732652464817&output=html&h=250&slotname=3609934589&adk=3393691578&adf=3560713065&pi=t.ma~as.3609934589&w=300&lmt=1616110787&psa=0&format=300x250&url=https%3A%2F%2Fwww.cantoneseinput.com%2F&flash=0&wgl=1&dt=1616110787663&bpp=1&bdt=4559&idt=82&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&correlator=6406315447479&frm=20&pv=1&ga_vid=217836442.1616110788&ga_sid=1616110788&ga_hid=1275143695&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=938&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44731609%2C182982200%2C31060048%2C44739387&oid=3&pvsid=4420811884315433&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CapeE%7C&abl=CA&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UmHiGrLjWu&p=https%3A//www.cantoneseinput.com&dtd=85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 18 Mar 2021 23:39:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8E5D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d331490d4fad5b22ecd32670a46bfb16e340f357470d88a95cc9f9b3454d53e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DFE9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27d8def404230989466129273762dd7a8fd8f2e959d8e294ae272d682ba7fd99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db9aefb44451c0ffd142f537fa66efc0e3f013107ce60d8220deccd87c3a61c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 23:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6577
x-xss-protection: 0

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D69 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 61686
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:31:42 GMT

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0957 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 61686
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:31:42 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 23:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 23:39:48 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame CF21 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cantoneseinput.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cantoneseinput.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 16:12:34 GMT
expires: Fri, 18 Mar 2022 16:12:34 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26834
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js Show response
pagead2.googlesyndication.com/bg/ Frame CF21 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/q-Ezh273PvC68AkqxY9CU3NkuwIwgTF06gKyS1kdSdY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 06:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 61686
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5697
x-xss-protection: 0
expires: Fri, 18 Mar 2022 06:31:42 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=4420811884315433&bg=!9vWl9bHNAAbUo7L91KM7ACkAdvg8WtOzOtO0k0QGXD6cUo-e0fMAWHNRDypzlpiaeUf0hmNFCt4ZtwIAAABnUgAAAA5oAQcKATxV-HyvRvzwpmJZCjWzY3Z5kHZHd5lbo4MaDoPETIKt_vOpowg8ppMuILyn2uDiw8BVK0PuJKYOjCy0_EtvLLyQE-9qg7xzETuwLTH9phyHsuRSconR9EQBnNaBEui_Zp42r1ShIG8kGJ-KRTm1flG6OMemsKQ71JC1n-jaP2nPFOI_ckMpJbq8kK1V20530Ogi5wXbVHwS1sXPma_PqKV8Cw4KEvhBDlkoN8Arldom1UXI-_gFVa63BNWKmkOlRalWZGMG8PzxDHlJ2neX-OoZZD2Yimo7ec85KN9xwXSHQOUnjH5_gapdoXH1z9F_CvfJgvXgPVvY_D-W_lUyDdgjcbwijKJMbFJlAPC7J9FHoGOc8exnJZFTJ3vyPK1cbCncPujKiaJyk_uuP_Q1TzfhGC0UvmbxmwbFztDdmQHNTGGCwxQiOPh3zhpGSQuL8eKeqPdFg_1gDDIp0oQek1ZUNVqFMIVPa3QU3h-NQ1OUztUBKuqy91deC0lum6-7Fmeblu7SOZ2MqShEk9JLT6HB4Zo5F8p7KOl2YkeSfpXRUQFkOj875cRiTseryynPbDjd2ocN04HAYe7-Hlmm39U3ONfTux3yUxL12pBYOGkSVR46gSTwSlBK9_MgrYntK5L0vjjS9hPSwNWK63hQ2ai7bI-w_P7qiwFsDE6RrvQ6Vtoa2bEY-KTyz87GlPkIX0ecVYiR9gsqdsTEtHdLndzKn8fLZh_zITujgwCQZNPOjULB8pcR14gUiHsmz35zUbIDq3yb8i7R5NvkMZGclKwUNjuwoAsqTlpz8m3ZW7yWgrB9aBrBQRNAnf_QFH6sOl15hIcD9WTDnJ7leZPDRfknGpNR-Sq0Ex23si1OMXvIRLLTjZn_GdhBTT_f1Td9PsUfr8BTKyzzjogp7voXkLRjK7Gvlfv0L-hEp52heDh49fMuSZGytcgbX6HCmJ09_9e5bIGxxUqhwoZX-yAlfFRI3lNG2rTHifF3QtvCeltBjBdRqNeDnuXHJonXBoxw63uCUX_eFlxruhHQ-WQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cantoneseinput.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 23:39:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B135 42 B
155 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhHBR1F46gqFwBnQjOJObjdaf2O5nejytD5FE9ANFacteLQX_hhMAm8h4GhnDOjKa8-K3Aw1oKZzVHCVdsTdq6-qC4ofhbreTKywmOew2RVJrKua69yHjbnl1VGg&sai=AMfl-YTRyQfHM5iQ17t5XvQhAb8wiK6aztN9pLy0Pg_sxeo3tos7U4X6416DXZfrfTmBHxnDgZjmgwdmTwrI&sig=Cg0ArKJSzBkOrmilPHtqEAE&id=osdim&mcvt=1000&p=285,938,535,1238&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3671617547&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616110787743&dlt=408&rpt=39&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 23:39:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFE9 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsN0gjosGCOii27DMuM6nPgrfBY8ltddkH5f35ZfkHioYeqhD_2U8lgfve8uC1GltgSrCEj90UAJW4gF6ySmqQfqX4cB2oRZZeB4aQrAl0ZweAAqOY6zIhEnhhIQ&sai=AMfl-YSuhAGQl3XgePLbU5rBd2ubtYnmRZRjSZcl8bXFOwnt0G9DgsbjH_V8Zxt_xSCv6q9tbpFLm__L08NK&sig=Cg0ArKJSzGKamX-TY7GKEAE&id=osdim&mcvt=1000&p=555,938,805,1238&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3393691578&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616110787749&dlt=487&rpt=39&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 23:39:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E5D 42 B
66 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJ1znSPU-E2DVPEUUwCZbE65x4dPUbbm_x7XBNSt5hggY-HlrsvZOr9jCWSX0Ki81Y54IetgsbhKKYJMJ0nKHpmjgQfbGeK7ozO5i7MC0Wpsq2CY4C2IHt3OAhwg&sai=AMfl-YSwJ3KOnVTMOFFO8IIOMUwQU7BAwDQTORngn6kb3Cbi7KBctrBcyrguKHufCSicH0G6Nzx_QWz5MBEC&sig=Cg0ArKJSzO3RifRR6NV-EAE&id=osdim&mcvt=1002&p=15,938,265,1238&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=840753360&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616110787734&dlt=490&rpt=59&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 23:39:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:16:46	Name: IDE Value: AHWqTUlVLAzSk-S5Km9SSejJt0QWNxsZ768uigmzplz8_oCEI35ZwzDDKMhwHyaakuk
.cantoneseinput.com/	1970-01-19 16:55:10	Name: _gat Value: 1
.cantoneseinput.com/	1970-01-19 16:56:37	Name: _gid Value: GA1.2.1193488980.1616110788
.cantoneseinput.com/	1970-01-20 02:16:46	Name: __gads Value: ID=606a156cad796225-227ad331ceba00d9:T=1616110787:RT=1616110787:S=ALNI_MZ9pRB8cV5BzclrSKn9Q_GmHPfICg
.cantoneseinput.com/	1970-01-20 10:26:22	Name: _ga Value: GA1.2.217836442.1616110788

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.cantoneseinput.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
www.inputfree.com
142.250.185.162
209.182.195.97
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:400c:c09::9c
0884fc0792d31ff407e105ce22281c82347150dc1e6d8763a49f5fcc6a42ff10
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f98d9d7c6bdc4a0face18a0a0f6684bc3391acdcbf40bf4fac23ef7bdbac469
10dab6d81f47b7588e4c65da057ad59bebb2f411bb74d1956f61620b13aecd05
133f586759b095b523486c93bd574bf988c05dd97b4d51938b386810a77cf95a
1aaf2a247e60b1f52ebdb5862ce44f815287ae54acaba11267e9cf7b39af5801
2457bd25ffca0559129d24bc85cb9f779b4913f15374c1f2733645e4c4eef94a
2598d2950f4ca1984c448743151fe954c791eb3e2c19c3dd111f0ad9442ca3b1
27d8def404230989466129273762dd7a8fd8f2e959d8e294ae272d682ba7fd99
2e30e9fd41027e7171059cae5aa8f7f67494e61edba770bd7323db10b1c9373b
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bb4374b56bf7141c4ed096bc9eb05918e443292aa550a0a7c7c81f2e3fe0b35
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
5a2ee703e476c27daa7c8a508b80659c351da7cebea3315f66f4ffafc7c327d9
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
640b4845875deb83c1f2d936539dea685fb38504089e8ddf79569530b810be70
667ec5f1d26b7cef11076bb0d2e8c8606b411ad8baa86af1f1d658ad51971ce9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c506296ca312c789a1a1952e5c70ee8a40a80c4cbbef8169df8f996d97d3d37
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74701d1b03dcb606710d7cc01bbf35a36ad5e5e443e33e55894a013f0d65aacf
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
8d946e470baf7bdd0ad391ea7ff4c0ded5f4a6f5ea0e3209f77065eb1ff94d4b
9117a6eb6cc086a2475b5e3790b4ed502692921370253dd5cab45418319581c3
941c10bb2b782b2f66e786acf02de7a50270f713b715fe5eb0e3ea129c822304
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab73d29e297bce702da3f73e5428b592819e56046b81623e0003c1198e455268
abe133876ef73ef0baf0092ac58f42537364bb0230813174ea02b24b591d49d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15d49108598c74b50165bd9d2d140bfaf680e926e466e33ff6f79ca6957a10d
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
d2f79137d92059b06c5e7318e4125301c247a13a918faee06ab8683b10982b6f
d331490d4fad5b22ecd32670a46bfb16e340f357470d88a95cc9f9b3454d53e0
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db9aefb44451c0ffd142f537fa66efc0e3f013107ce60d8220deccd87c3a61c8
deba331a4a5496bd18844c7153fa987b2e67ec32569150089429a130176f1084
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fcf18d73a90d3a026b12f437ecc96b8955bea3d674545d75ab7da4ca31c00761

www.cantoneseinput.com Open in urlscan Pro 209.182.195.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

80 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

1226 kBTransfer

2688 kBSize

5 Cookies

6 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cantoneseinput.com Open in urlscan Pro
209.182.195.97 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

1226 kB
Transfer

2688 kB
Size

5
Cookies

62 HTTP transactions
6 data transactions