xiaobaotv.net Open in urlscan Pro
2606:4700:20::681a:eb0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xiaoheimi.net/
Effective URL:
https://xiaobaotv.net/index.php
Submission: On May 01 via manual (May 1st 2023, 1:54:18 am UTC) from AU — Scanned from NL

Summary HTTP 138 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 8 countries across 28 domains to perform 138 HTTP transactions. The main IP is 2606:4700:20::681a:eb0, located in United States and belongs to CLOUDFLARENET, US. The main domain is xiaobaotv.net. The Cisco Umbrella rank of the primary domain is 57197.
TLS certificate: Issued by GTS CA 1P5 on April 21st 2023. Valid for: 3 months.

This is the only time xiaobaotv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 31	2606:4700:20:... 2606:4700:20::681a:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
14	2606:4700:10:... 2606:4700:10::ac43:25da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2 2	3.120.88.196 3.120.88.196	16509 (AMAZON-02) (AMAZON-02)
13	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3 3	35.158.67.42 35.158.67.42	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.9.234 52.209.9.234	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9c2a:e267:cf33:bf47	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
138	20

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xiaoheimi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:20::681a:eb0 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

xiaobaotv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:10::ac43:25da (United States)

ASN13335 (CLOUDFLARENET, US)

img.haiwaikan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.88.196 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-88-196.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.67.42 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-67-42.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.9.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-9-234.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9c2a:e267:cf33:bf47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.133 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	417 KB
31	xiaobaotv.net 2 redirects xiaobaotv.net — Cisco Umbrella Rank: 57197	3 MB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	155 KB
14	haiwaikan.com img.haiwaikan.com — Cisco Umbrella Rank: 223010	1 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	86 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 908	4 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	194 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1248 s.tribalfusion.com — Cisco Umbrella Rank: 2774	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	2 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35205	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	2 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 11490	696 B
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 6664	12 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	464 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	587 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	340 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	715 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	605 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	252 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1274	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	83 KB
1	xiaoheimi.net 1 redirects xiaoheimi.net — Cisco Umbrella Rank: 254708	690 B
0	everesttech.net Failed sync-tm.everesttech.net Failed
138	28

	Domain	Requested by
31	xiaobaotv.net	2 redirects xiaobaotv.net static.cloudflareinsights.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	xiaobaotv.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	img.haiwaikan.com	xiaobaotv.net
13	cm.g.doubleclick.net	googleads.g.doubleclick.net xiaobaotv.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com xiaobaotv.net googleads.g.doubleclick.net
6	c1.adform.net	6 redirects
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
2	image6.pubmatic.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	ssum-sec.casalemedia.com	2 redirects
2	r.scoota.co	2 redirects
2	pm.w55c.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	hm.baidu.com	xiaobaotv.net
1	pixel.rubiconproject.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	xiaobaotv.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	xiaobaotv.net
1	www.googletagmanager.com	xiaobaotv.net
1	xiaoheimi.net	1 redirects
0	sync-tm.everesttech.net Failed	googleads.g.doubleclick.net
138	33

This site contains no links.

Subject Issuer	Validity	Valid
xiaobaotv.net GTS CA 1P5	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
haiwaikan.com GTS CA 1P5	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://xiaobaotv.net/index.php
Frame ID: D5B902168FADB0046CF63B15B3E4C9B8
Requests: 57 HTTP requests in this frame

Frame: https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 1FC6BB145447EA09AB857CF968E07D46
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: E10192D6A8BD681C3B21EBD8B973900F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&adk=1812271804&adf=3025194257&lmt=1682903723&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906050394&bpp=4&bdt=422&idt=292&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1285343836310&frm=20&pv=2&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=327
Frame ID: FE0F16FCCE4DFE07A257C44B92C63CD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8
Frame ID: 54EC8D5DDAEBB133425D934B60DD5E61
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=572337519&pi=t.aa~a.3976007054~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=1&bdt=1303&idt=1&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=IJUBW76YAN&p=https%3A//xiaobaotv.net&dtd=14
Frame ID: A9F9CA7847E7BE5B31428201E5FFC541
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1799A784C7AE6B70F98D99924B2FB4B1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: 242D011D62ED85C7215282B9D8E254FD
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 244379446334B2141946F54CF3FAF523
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 54FF5788D65356626A129DEC36DBE423
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 800A56931D39B8C614EAEC573EDAE290
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: AC53B7AB953523C6F9308D07D3D52D47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 87A952BBEFB45628E5AECCE13B131543
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: 86EF52D5CFBE90821070A5D437CB956E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: E084D45AF5803F62D17737B911B3A2A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js
Frame ID: CE471FCA3FFC5DCE3ABC8F5EE4CC1D2F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4D8D0922B568D2B1CECB04C3F59C885
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F24C67A9A3720DE91C9EEADBA78435F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

小宝影院 - 在线视频

Page URL History Show full URLs

http://xiaoheimi.net/ HTTP 301
https://xiaobaotv.net/ HTTP 301
https://xiaobaotv.net/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

138
Requests

90 %
HTTPS

63 %
IPv6

28
Domains

33
Subdomains

20
IPs

8
Countries

5655 kB
Transfer

7739 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xiaoheimi.net/ HTTP 301
https://xiaobaotv.net/ HTTP 301
https://xiaobaotv.net/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://xiaobaotv.net/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSooVPsFLcaiJveLn0KLsNuXdIqwJoklyeE3ALop1Ry_eKLODTFLS__4zH0T HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSooVPsFLcaiJveLn0KLsNuXdIqwJoklyeE3ALop1Ry_eKLODTFLS__4zH0T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0lla2xxYzIxUFRpSlo1&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSooVPsFLcaiJveLn0KLsNuXdIqwJoklyeE3ALop1Ry_eKLODTFLS__4zH0T

Request Chain 109

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCbeVpW1Dz58LM-QnYoVVg&google_cver=1&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCbeVpW1Dz58LM-QnYoVVg&google_cver=1&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d4cf6345-a96a-4322-b077-ea468cf7cc6d&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a&google_hm=QZRD3UD7QnuTwei0GjOPSQ==

Request Chain 110

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMiQOeGzuAXc_sCUfidtAeI&google_cver=1&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01qrVhoy6rPv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01qrVhoy6rPv&google_hm=eS15eE1QRDVSRTJwRV9SMGROQi4zNTBwbFlOcTltV2h6dn5B

Request Chain 111

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXoDbsJUdfyxBWKtSq3NQSihwhh HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXoDbsJUdfyxBWKtSq3NQSihwhh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA2MzQ2MzU2MTM3NjM5ODUxOA&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXoDbsJUdfyxBWKtSq3NQSihwhh

Request Chain 112

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt3SdVlhLP0f398cf1umdWZLIK HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt3SdVlhLP0f398cf1umdWZLIK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3MjUzMDQzNzMyODQzMjA4NA&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt3SdVlhLP0f398cf1umdWZLIK

Request Chain 113

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_cver=1&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u4XRpFuFEY3OsnJvl_YCrFKtcb4cJFkwVrtF0rIUfrXjpyvp5Aqw5x-igcSWjx2jgJ6N HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u4XRpFuFEY3OsnJvl_YCrFKtcb4cJFkwVrtF0rIUfrXjpyvp5Aqw5x-igcSWjx2jgJ6N&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_hm=ZE8bwy7IwjYnHIxarcVoCQAABKsAAAIB&google_nid=index&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u4XRpFuFEY3OsnJvl_YCrFKtcb4cJFkwVrtF0rIUfrXjpyvp5Aqw5x-igcSWjx2jgJ6N

Request Chain 114

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHbReU0TjgP_Y8_hEFlnkAY&google_cver=1&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK7Tmw9B8fVa_VvLeFzFz- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK7Tmw9B8fVa_VvLeFzFz-

Request Chain 120

https://a.tribalfusion.com/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 122

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAOi6eK1wfSj7vKxNOsUDeM&google_cver=1&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq02xaauiiTTEvLTE3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODAyNjQ1MTMwMTk1NTczNQ%3D%3D&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq02xaauiiTTEvLTE3A

Request Chain 123

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAD0uMHo3Ad07N-b35FKj3w&google_cver=1&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo-UPBUmsM3rbnDuEgx4PPmi4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAD0uMHo3Ad07N-b35FKj3w&google_cver=1&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo-UPBUmsM3rbnDuEgx4PPmi4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwMjUwMDA5ODM2MDE5MTUyNw&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo-UPBUmsM3rbnDuEgx4PPmi4

Request Chain 124

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH2_qo5b-vVeAct8SWbWQK8&google_cver=1&google_push=ATf1kGPZQcVcGLcGSmgp6lzF-hsnkMIrUgBXFIEM0QZ6NLWUO6Wne650Fm7jC03R1px8a7zLY-LLOctTotS7qTT207q35n2IfT1MGLY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH2_qo5b-vVeAct8SWbWQK8&google_cver=1&google_push=ATf1kGPZQcVcGLcGSmgp6lzF-hsnkMIrUgBXFIEM0QZ6NLWUO6Wne650Fm7jC03R1px8a7zLY-LLOctTotS7qTT207q35n2IfT1MGLY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZBXFh0zS_KjVPpiekAS9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZQcVcGLcGSmgp6lzF-hsnkMIrUgBXFIEM0QZ6NLWUO6Wne650Fm7jC03R1px8a7zLY-LLOctTotS7qTT207q35n2IfT1MGLY

Request Chain 125

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFz2_Uf0rjrrClAaGMs1NDQ&google_cver=1&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsXCBvD5vgzeA6LhV6foSXFP2-xCMro HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NlQ4RkktMVMtNDJESw==&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsXCBvD5vgzeA6LhV6foSXFP2-xCMro

138 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
xiaobaotv.net/
Redirect Chain

http://xiaoheimi.net/
https://xiaobaotv.net/
https://xiaobaotv.net/index.php

79 KB
19 KB

712ms
712ms

Document
text/html

2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33 ASP.NET
Resource Hash: 5e70e66a7320546258674dbeebbc642d01933b05807f0dfe0c89e846b4d7e946

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 7c046517e8cd0a64-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 01:54:09 GMT
last-modified: Mon, 01 May 2023 01:15:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wg1W%2FtfAFwZxWOkcbjnzndTU1Q4YtBPdlbM3B6Pn%2BvU2JXiWGG6hESe%2FDVzgx2oxslryBQxEVF%2F4qz%2FML8fE8vatEqsY2%2BZL5kDLd9Jb03LS6iHDpE%2BwROGYoWhPwLjAqKyzaLtZaOGwWdA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.3.33 ASP.NET

Redirect headers

cache-control: max-age=3600
cf-ray: 7c046517b8a90a64-AMS
date: Mon, 01 May 2023 01:54:09 GMT
expires: Mon, 01 May 2023 02:54:09 GMT
location: https://xiaobaotv.net/index.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avBJ6%2ByD%2FLJBt4kUsgt04RsGoKwv0jO0tvUyrKyCl41pUsLqgcaeYC6pvJNTK0WiYxzDF30zkFBW2psgj37EaZ7atwyfMQcSAWBaR5d3zGG1X9jetFqpsjJTHo9kYWC8Yd7nKl5k3sI6IXA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 mytheme-font.css
xiaobaotv.net/template/mytheme/statics/css/ 30 KB
7 KB 41ms
39ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-font.css?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695
cf-polished: origSize=31000
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Sun, 24 Oct 2021 13:12:30 GMT
server: cloudflare
etag: W/"0b37dccd8c8d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAps2FHmGUPE2I15PvIvq%2BkfP7yYC7iEwNc0YQLJuCV%2F4EBWbOH6iT0zRVhYLIQlz0WbiG%2FiUIysl3sihPdXGmvAiKuwb%2BKA1ZqMg0CUym2vbp2bfdbE4FTHWcTpXamz3kuSw6lAwPNJXw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7c04651c7c3d0a64-AMS

GET
H2 200 mytheme-ui.css
xiaobaotv.net/template/mytheme/statics/css/ 30 KB
7 KB 37ms
35ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-ui.css?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8bcde0cdcd1dcb57e104b0ec729649f151a9f404fca6e4bf120a3b929bddca97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 694
cf-polished: origSize=35319
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Tue, 26 Oct 2021 05:40:42 GMT
server: cloudflare
etag: W/"0a9b032ccad71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0DBBEIOu6fnc2vnatdO2aqoG%2BQQ2ijwKyOL3YCkvithXNGwhNOnDFKQI73Zu7eSD%2BgehpQRXhaGhlMR3cgYov%2Bkug9S%2FQwrqMI1TKtqboWpO%2FV58kztpuLGjD%2BR6PCZydA%2BmxA48H42x5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7c04651c7c3e0a64-AMS

GET
H2 200 mytheme-site.css
xiaobaotv.net/template/mytheme/statics/css/ 8 KB
2 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-site.css?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 54ff23d820c7689387840dec8ac8c690ccb9c016763a5571911642836da8e89b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 694
cf-polished: origSize=9989
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Tue, 26 Oct 2021 07:08:20 GMT
server: cloudflare
etag: W/"0cab34138cad71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQGVeo9U2yGF8y1e1YRN7QY%2BAu%2FhX1GTTMOeZ%2FrRqK3VriukE9mJQCOfPfq7w%2Bs2b%2Fcs204s15mBywcg6pnUwFwRTcyzYua8tt0gPb9YDhVPR5VJ5FIx1B7rwzYhfoQEvXbEePtzKtUkEJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7c04651c7c410a64-AMS

GET
H2 200 mytheme-color0.css
xiaobaotv.net/template/mytheme/statics/css/ 4 KB
2 KB 36ms
34ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-color0.css?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 04b8f6c6b334211b64d2dc68ec6b0c4fb5e92922cb102d3424c4c7010d2ed43b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1502
cf-polished: origSize=5473
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Mon, 25 Oct 2021 10:13:00 GMT
server: cloudflare
etag: W/"0de7be388c9d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr%2BpV5hoiQ1TqEUnK5Y%2F3F2KApFd%2Fg5CLzMUTM9tJ1RnFwMmNvTtkzDW0cMFfXXBgPjICenEqsBx0NpN0TfsajLiNNeBwPlvHkeJrypI%2BLXyuTZ4NKJObM5kYYisucX%2F4anyOLL8LDRDhb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7c04651c7c420a64-AMS

GET
H2 200 mytheme-color2.css
xiaobaotv.net/template/mytheme/statics/css/ 4 KB
2 KB 37ms
34ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-color2.css?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aa742badf084573528b8508ecf923da32bc27285928dfbedabcd432ee1ac0887

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81
cf-polished: origSize=5468
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Mon, 25 Oct 2021 10:13:04 GMT
server: cloudflare
etag: W/"038dee588c9d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvNgZjH8QkLs5WB9rWaxMEncd0WIOpSCRpbSyxgbPYQvPoViB8GyorQhR9PowcqyuKHzrlMod9Ip%2FixWtHBhNIpMvsqKLvAeKhNTNmwEq9BS8UCiLSB%2BfhC36s%2BWaIe6Wn4TLfgzvBhazzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
cf-ray: 7c04651c7c430a64-AMS

GET
H2 200 jquery.min.js Show response
xiaobaotv.net/template/mytheme/statics/js/ 85 KB
31 KB 42ms
40ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Oct 2021 13:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2739
etag: W/"0864ccbd8c8d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HarK3htvtv9XtbgA69weGSgvymLtoyDRtvt%2FqcTuaCxLMTWC7UC%2Bl%2FreEZesgZIKz7jpJtviugDEuskzpIeto4eQqlgTjDRWeYsQGMx23QjPA6Vww26q18NUXYmc7iBTe1hN5UzF9VVuxEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c7c450a64-AMS

GET
H2 200 layer.js Show response
xiaobaotv.net/template/mytheme/statics/js/layer/ 22 KB
8 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/layer/layer.js?v3.1.1
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4bbdf072904f25a29941c0389289ffcd87c25f5a839081226bd694e683152ddf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504
cf-polished: origSize=22116
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Sun, 24 Oct 2021 13:12:30 GMT
server: cloudflare
etag: W/"0b37dccd8c8d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbzavK8yOfElUIq1BtRQ642%2FJoZbFOx0fJKIqnZGMqQuV4XgI5xQnDtSj%2F1NNRp%2BWKYbSu%2BnMpaPvnOquwnRxFnxMKXj2WBHi%2FjsktBDPuvVU%2B7uQDfyzwhv9Y2vaJc59mZTeuAFly1ScUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c7c460a64-AMS

GET
H2 200 mytheme-site.js Show response
xiaobaotv.net/template/mytheme/statics/js/ 126 KB
36 KB 62ms
60ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/mytheme-site.js?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c849350bcb1ac105acb5b054ae6f11b75fc55d555c28203d47384247caf9d0da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504
cf-polished: origSize=129231
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Sun, 24 Oct 2021 13:12:28 GMT
server: cloudflare
etag: W/"0864ccbd8c8d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBwUm1GvBJ%2BueORFRiNoOpC65Wn1LeqOtejIuNRfO0sNL6EFm55se86rrLk6Y7Y7S3SvAG4mBW7Y9aI%2Bc4X3Mn23FfCXCoqJHp%2F0lTqq4bud6vBY87DDzYH%2B66Rrtdxl0Adj2L3l3MKVVxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c7c470a64-AMS

GET
H2 200 mytheme-ui.js Show response
xiaobaotv.net/template/mytheme/statics/js/ 15 KB
6 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/mytheme-ui.js?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0456b9ef046b42941738001fbf1621e1b449abcccae2a21bf3bcec0755a05714

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2216
cf-polished: origSize=22626
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Tue, 03 May 2022 08:48:08 GMT
server: cloudflare
etag: W/"0d4e682ca5ed81:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUmRMO%2F4p2qU%2FX%2BTed2IA1L%2BAyOjPxiJnPHUOH%2F8n0rjhf72UX4jjKbLUT43w2xxE0qmcmX4D25Uru%2BdgVnPYKBgBeNQvGYicwHkFrugVqTRhyKg4pcJiDgbMaxq0ljjIsO%2FY14Bw4SzJTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c7c480a64-AMS

GET
H2 200 mytheme-cms.js Show response
xiaobaotv.net/template/mytheme/statics/js/ 6 KB
2 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/mytheme-cms.js?v=2.8
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c59608ce203a13600ee3b947e0d888e248443287eb122e054fcb8669ee1cab6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2379
cf-polished: origSize=8551
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Mon, 25 Oct 2021 10:15:16 GMT
server: cloudflare
etag: W/"0d28b3489c9d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oMXvRwX4RFVJr3vKTuGR8mIFo7JVL80GRRyDFVP3id5%2Bj0UIRluCsjjpagH20l46TAp8mG5ax%2BJVtmtdx%2BuHqe4RWB0IMIABShblOUuixBNAFCDVFzzPMbd%2ByfaYuQa86lzbbIgdtOYuqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c7c4a0a64-AMS

GET
H2 200 home.js Show response
xiaobaotv.net/static/js/ 24 KB
8 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/static/js/home.js
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 614c715bf8ef6f6b1ab83cdc718beaca8715a6093de5878579345fd385a86605

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695
cf-polished: origSize=38310
x-powered-by: ASP.NET
cf-bgj: minify
last-modified: Sat, 23 Oct 2021 10:59:28 GMT
server: cloudflare
etag: W/"0686fcfdc7d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnGjPi0BI62rvukHFHo7cBPrlXnEFAE391O3bw6N8TrG4UiYf5CLPn8vfPZwCvPprNBvvX7IAVRAa97mwMUN4fpm8iztNxvalKpev7Im%2B2AuBm4qFHvsjQ4ZnghqZTQq8JXCZG3dJ%2BFN4WU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c04651c9c590a64-AMS

GET
H2 200 25ef538a6.png
xiaobaotv.net/template/mytheme/statics/image/20211025/ 6 KB
6 KB 52ms
50ms Image
image/png 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/template/mytheme/statics/image/20211025/25ef538a6.png
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 463178ec2626c71685b9cd67b512646b46790628e45a371d494a0b62b156d8bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1503
x-powered-by: ASP.NET
cf-polished: origSize=6831
content-length: 5828
cf-bgj: imgq:100,h2pri
last-modified: Mon, 25 Oct 2021 05:04:30 GMT
server: cloudflare
etag: "03aaca5dc9d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8GPL%2B2sEGOcqE9qCns57A5gHvpgXvfGVMAm%2F75DWWAmwPs8nYPZN8pYb3U9hyFxb04g7WcxOzvqisxzJG1no%2BTE2Laepc6MOf2EfwoOJRCim7bGjZmvMi65IobMrf2gvzOxmLlDzqEjF58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1ccc0a64-AMS

GET
H2 200 6d6b5ac2b4fefd39781417c7c4ac3553.jpg
xiaobaotv.net/upload/vod/20230404-1/ 245 KB
246 KB 51ms
50ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230404-1/6d6b5ac2b4fefd39781417c7c4ac3553.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b32b2058c67539af1876868da27962cc33d049d45c09e93359b6f25130d39ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1097
x-powered-by: ASP.NET
cf-polished: origSize=253207
content-length: 251186
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 09:53:58 GMT
server: cloudflare
etag: "1c359160db66d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTB0TQE5elvgusK61BogImEne7ykziyQgcm6b7NAsrXkuXDurQsuc61Sj6HY46EpvWtQZ9H8mcZc%2BNCQ7JbAX9Rz5xTumVsW4od5aHjYZwoYu1wb%2Bxi6g8EJrU4RFAV4Y2hB5MKoKIOoZDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1ccf0a64-AMS

GET
H2 200 dfff0d65a66ae7c7904ef3bbd2f1667b.jpg
xiaobaotv.net/upload/vod/20230404-1/ 150 KB
151 KB 35ms
34ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230404-1/dfff0d65a66ae7c7904ef3bbd2f1667b.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ffe491350a06cf24020b644db73b568a8543130baef947bf6a76cc7c625a9dac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1097
x-powered-by: ASP.NET
cf-polished: origSize=156929
content-length: 154105
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 09:53:16 GMT
server: cloudflare
etag: "b811747db66d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZqDl%2FbiQ6g38WRb6AqNGj0aQlRAYTEkb9DboEUIXhk0PVKp%2F7IElVfJeRHQxzPCw7rSA4R5E2Tq8rc%2FPUm5AnA5%2B6PaQoOUsrpJ6ImLGUg4Hnu2iqCM997IT0a2XPJP1USBgpIzYZgOgbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cd20a64-AMS

GET
H2 200 251c30051043f1d50f4158959f9158c5.jpg
xiaobaotv.net/upload/vod/20230404-1/ 216 KB
217 KB 50ms
49ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230404-1/251c30051043f1d50f4158959f9158c5.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8fdd69cf300c0557725a4ff0380ece38ff91725b35610ad8c746f72d26006d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
x-powered-by: ASP.NET
cf-polished: origSize=222415
content-length: 221142
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 09:52:52 GMT
server: cloudflare
etag: "28494139db66d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bwHq%2F6k%2Flrqc4PrwJCdn%2B8W8U34eT%2Fox%2BQrvUMad0jClk2G10oPs5aMYxC130pk3NVWQWH%2B0DxSmHKYKCTnPmNrQOXIdA8myc1UMoEuJ5nwWHhMqkJkbjoA0GZ9RbLHEo88JuJrT1ARqWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cd30a64-AMS

GET
H2 200 58209762682ea12a19ccde682c944b2d.jpg
xiaobaotv.net/upload/vod/20230404-1/ 561 KB
562 KB 53ms
52ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230404-1/58209762682ea12a19ccde682c944b2d.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71d5d84baa17eabfc0e04a23de641b042c454c7232a79b58234a7d43671b9cfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
x-powered-by: ASP.NET
cf-polished: origSize=648306
content-length: 574911
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Apr 2023 09:53:38 GMT
server: cloudflare
etag: "fc5d9454db66d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qlfk31cyOaNu36U9KJtSa5Tm8JB9i3tpk5BDsJXTkBIrmffHQlrOMjoyiCPR1TGt8No3q8%2BtwkF6pIwjHIznxAPRJ2kYJvh9Y9dyPzqECqjgxXn5kvlSW29kRIQo0U25TuVmP291NopWRlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cd50a64-AMS

GET
H2 200 c2dabdf4e25bb7d86d2065a6edf7a4c7.jpg
xiaobaotv.net/upload/vod/20230216-1/ 355 KB
356 KB 50ms
49ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230216-1/c2dabdf4e25bb7d86d2065a6edf7a4c7.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9300e430ee22a851e8463bfcecff358882386c692eabd7b0b6ca6245776afd37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
x-powered-by: ASP.NET
cf-polished: origSize=415463
content-length: 364006
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Feb 2023 12:15:56 GMT
server: cloudflare
etag: "436df86b042d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYcMMHq3jk6zeL6mDkKZnmaWVX7flHdFoiCtZsO1BT9PTNCCgGpauwXQBym3Q4gLKiCyUbFFNbS4hiLLKLjT0ta9Df52wxPiJrsf1%2F4lSmaEeF%2FIek7G6eJNSZCZajjrJK8sqoUEPji5vlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cd80a64-AMS

GET
H2 200 5f0eb15b528194cf90e5bddde6a2a230.jpg
xiaobaotv.net/upload/vod/20230205-1/ 577 KB
578 KB 52ms
51ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230205-1/5f0eb15b528194cf90e5bddde6a2a230.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7ea84a200b8fc5ec393ebfa5c9e90cbbc2121028f6178ccb1cae7605d6e3977b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
x-powered-by: ASP.NET
cf-polished: origSize=667865
content-length: 590869
cf-bgj: imgq:100,h2pri
last-modified: Sun, 05 Feb 2023 12:48:32 GMT
server: cloudflare
etag: "c668a276039d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B9BijhpQ4CzKQPEJyrSKEUdSaeL7adOb71gm0YgFHDtB9v4WNInyfiYQSxdi0ltnWCpKD7ofjM4Nj1WnB0CbIk0q%2FizE0PLNBWryBNkp7SctCNf4DEbwKFmi79s0O%2BkQ7VrGO9lgjdenBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cda0a64-AMS

GET
H2 200 a0ab86cd3f588bd2c100ef443a6f0013.jpg
xiaobaotv.net/upload/vod/20230216-1/ 948 KB
949 KB 51ms
50ms Image
image/jpeg 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/upload/vod/20230216-1/a0ab86cd3f588bd2c100ef443a6f0013.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ec4e1aaa460ff3bf8f5b3cae326490516c78dce134c597334cbb2224edf09111

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1096
x-powered-by: ASP.NET
cf-polished: origSize=1091944
content-length: 970257
cf-bgj: imgq:100,h2pri
last-modified: Thu, 16 Feb 2023 12:16:16 GMT
server: cloudflare
etag: "7fd43b78042d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onh439uYRidgSFkeg0gWsYgEn0RSFhAAqH3jfGY8mrS0tSTyI7rOK8J5uhyIrVN0yaXnB%2BiuHqULu70S4BqLwYIb%2BRGdrrJ0uGDAK5yAjPT4bifOfoPzl132zLSjPXLt%2Bkumvx5P7O1RjhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cdc0a64-AMS

GET
H2 200 email-decode.min.js Show response
xiaobaotv.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 33ms
28ms Script
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xiaobaotv.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 Apr 2023 11:29:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6447b986-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ%2Fw31aleCXR7MgvA0FZAZNiEIlGDHbriloHX42eXReM9B4RHu3YBUm7o0e340LmRIBN4l6C8kN10%2Btd%2BAANerJ0TlM03yg9zgMYA0HGfVJaO9wqyWFjYPc728nb2vP8NTazm8kX1oDDvRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c04651d0cba0a64-AMS
expires: Wed, 03 May 2023 01:54:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
83 KB 152ms
76ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LNQ045WCD

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a41acbf0c5633c9c398a176c3c0627d881cac016f8da61d03f5b4035def46cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 May 2023 01:54:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 205ms
76ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7548340262798230

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5037d205772565b53c2fd8f2840414dc987159e2fc9742dcf09217da4946234b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Origin: https://xiaobaotv.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47385
x-xss-protection: 0
server: cafe
etag: 10257767789214366584
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:10 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 118ms
55ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://xiaobaotv.net/
Origin: https://xiaobaotv.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c04651d7e4eb97e-AMS

GET
H2 200 layer.css
xiaobaotv.net/template/mytheme/statics/js/layer/theme/default/ 14 KB
3 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/js/layer/theme/default/layer.css?v=3.1.1
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/template/mytheme/statics/js/layer/layer.js?v3.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 24 Oct 2021 13:12:30 GMT
server: cloudflare
age: 694
etag: W/"0b37dccd8c8d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWHCiD1QoKJsZODGOEghiD9a91o6wd0rKhwUnRMxIIS5TRHs3ZF9i5sjoz9nW1gVO2lphRznvTp%2BTy2dURCFU6dI%2FtFJtBMTb7ZznqJeoWqQ0xxQ9mgKycWcQ%2Bw5G%2B0cgM5C9ONS9zL5Ye4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=3600
cf-ray: 7c04651cfc980a64-AMS

GET
H2 200 0e1ec6516.gif
xiaobaotv.net/template/mytheme/statics/image/20211025/ 200 KB
201 KB 47ms
47ms Image
image/gif 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/template/mytheme/statics/image/20211025/0e1ec6516.gif
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a500bac2ef8d3cc58fbdeea533712ebef58088f7ebc3e2c24a76a2d1bc3d7ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 693
x-powered-by: ASP.NET
cf-polished: origSize=262540
content-length: 204890
cf-bgj: imgq:100,h2pri
last-modified: Mon, 25 Oct 2021 04:12:20 GMT
server: cloudflare
etag: "0ea98156c9d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0KG%2B5kzuIn1suBF01MsHG2ptQ0HEY69eh2p%2F6w%2B2RCX%2F4I5RLboNFA%2B8OxlKKwPVf6H3xos47PJjSSbitSjEKpWuqmYr5%2FQ1zbke4JCXqUsMgjJtjlutHvXCuDiDs%2FNEB2F21RwuBcDQ5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cec0a64-AMS

GET
H2 200 play.png
xiaobaotv.net/template/mytheme/statics/img/ 990 B
1 KB 48ms
47ms Image
image/png 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaobaotv.net/template/mytheme/statics/img/play.png
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-ui.css?v=2.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f55a5609ec3e116426623acb3022d0b298d792c4fd7d6bdc34ca1b405520fd17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-ui.css?v=2.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1702
x-powered-by: ASP.NET
cf-polished: origSize=2457
content-length: 990
cf-bgj: imgq:100,h2pri
last-modified: Sun, 24 Oct 2021 13:12:28 GMT
server: cloudflare
etag: "0864ccbd8c8d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHlVUK6Gt9bClk8BhCucm%2BZM9svqFZY26G0cpv5ZIUm%2BGPsIMf2fHdISviUdFRqI1bDjf36tkr%2FffVJFH%2BN9fGj3BffIYb3bJEGj3qQeEiUDQ2UxtyZMt6w3lPmzjaP3FT%2BcAQCrLaIL6aU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d1cef0a64-AMS

GET
H2 200 fontawesome-webfont.woff2
xiaobaotv.net/template/mytheme/statics/fonts/ 75 KB
76 KB 50ms
49ms Font
application/font-woff2 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/template/mytheme/statics/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-font.css?v=2.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://xiaobaotv.net/template/mytheme/statics/css/mytheme-font.css?v=2.8
Origin: https://xiaobaotv.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sun, 24 Oct 2021 13:12:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 503
etag: "0b37dccd8c8d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y884g0mRi88LtyeEs9qa2ATk6%2BhrMlj9qirj32dMaQZcW61G9yGrszsXYzum7RSb4UNAV%2BQjFK1%2BIxgLSurJLFxs%2F7fm9XlHvjMnfuvZ6x2I5lle%2BWCMHXXXymOesR9hiNQDHNwXfW1o%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7c04651d2d050a64-AMS
content-length: 77160

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1350ms
322ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?099fa21119400e53692b87a7ff0e9f4a

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

70667e0782468bd0322d9d4a2c7784054c178a16d86acd51c117438cf148b37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 01:54:11 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 5a08dd1a8b83a1032252fa111bf4e634
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11362

GET
H2

200

invisible.js Show response
xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 1FC6
Redirect Chain

https://xiaobaotv.net/cdn-cgi/challenge-platform/scripts/invisible.js
https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

27 KB
12 KB

31ms
31ms

Script
application/javascript

2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Server

2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2719100d4bbb4a8c6875c7c13f78a70a27f0117c69fb586ecc9c2d0a4cf4fc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8rs%2BDeIX%2FzS%2B5%2FC%2F9y0xTSHrUif8z3sN5028eoB8kIu5eWJx0XAyzaPUinU6wwN9XuCvwzNpzTTqok2p41jfwmopdbrGpgRCgvVECPH44Hs8YcBmS%2B2%2FujHq%2BSmUCfJ8KZYJhrrqEvusO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c04651e2dbf0a64-AMS

Redirect headers

date: Mon, 01 May 2023 01:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaJXXF5Et76arJ%2FXH8uK5%2FNq79nJ7Zy%2FHgoL99PV0tpIa3rxfasc9BKqQ3nkWfXHIEgOAGortzPeQ7r96lD4jsUb3DjHiJzSmu5NvC3fpgmkC2g1Z0gfXSDag5zLVIlYe%2FopqqkE%2FHynxlo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
cache-control: max-age=300, public
cf-ray: 7c04651dfda30a64-AMS

GET
H2 200 cf3d6ae7e7f6af6ef39cdc3b1de3971367066dae01e80fe85703016580d138c60a0abbc082d64bcbf4ff74e7a06ee0ac.jpg
img.haiwaikan.com/ximgs/ 89 KB
89 KB 126ms
58ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/cf3d6ae7e7f6af6ef39cdc3b1de3971367066dae01e80fe85703016580d138c60a0abbc082d64bcbf4ff74e7a06ee0ac.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a8d067915b729ec8f69e054d53d89c026752d7b9c0b28bda4f19722e2e06d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Jun 2022 10:10:47 GMT
cf-bgj: h2pri
content-md5: Yx4P66iB/EZGuKgzfY5E4A==
age: 382287
server: cloudflare
etag: "631E0FEBA881FC4646B8A8337D8E44E0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7ee2b914-AMS
content-length: 90770

GET
H2 200 4f2a95b42b03341653d8c6da653985ae8eb2805bd392630748edec05ab57bab004183612ef0c751a2fe3f68c52c3e00e.jpg
img.haiwaikan.com/ximgs/ 87 KB
87 KB 158ms
91ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/4f2a95b42b03341653d8c6da653985ae8eb2805bd392630748edec05ab57bab004183612ef0c751a2fe3f68c52c3e00e.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd1e6f457d05f1030497c94799473e6b0a6da996f5673c9508057c216d7ab76

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 04:26:02 GMT
cf-bgj: h2pri
content-md5: BWUb0gNvybOUWP0uQ+GgnQ==
age: 1360378
server: cloudflare
etag: "05651BD2036FC9B39458FD2E43E1A09D"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7ee5b914-AMS
content-length: 88748

GET
H2 200 d584827d28af7976b4564687e6b8454c9b9056a78bebcafa8ee84eeeda471f225a10b30e07745f480a1376fb67130e32.jpg
img.haiwaikan.com/ximgs/ 92 KB
92 KB 154ms
87ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/d584827d28af7976b4564687e6b8454c9b9056a78bebcafa8ee84eeeda471f225a10b30e07745f480a1376fb67130e32.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f41f6a7e5337716739b4f5ff89b3a1f589c9b5e25f506934b51d7cd6d71d33c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Fri, 21 Oct 2022 12:59:07 GMT
cf-bgj: h2pri
content-md5: NJaT2GzMPFrc1CBwMzyXaw==
age: 382287
server: cloudflare
etag: "349693D86CCC3C5ADCD42070333C976B"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7ee6b914-AMS
content-length: 93767

GET
H2 200 cf3d6ae7e7f6af6e1994fefe8e117abf7c6fff4d6743ef9041adda6552b807f06e4aa8ba861f0568782af6a2d5de061e.jpg
img.haiwaikan.com/ximgs/ 105 KB
106 KB 157ms
90ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/cf3d6ae7e7f6af6e1994fefe8e117abf7c6fff4d6743ef9041adda6552b807f06e4aa8ba861f0568782af6a2d5de061e.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d87fd9b896921e75328b5e125dbc469d88c24ac1aa745f4da9264c17ff5c86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 18 Jun 2022 09:50:15 GMT
cf-bgj: h2pri
content-md5: XxQqpBq0i5JFFZkDGovQ5w==
age: 382287
server: cloudflare
etag: "5F142AA41AB48B92451599031A8BD0E7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7ee8b914-AMS
content-length: 107806

GET
H2 200 cc55f6fcd58a9787091a53b62b391eda9b60b5f0e04f5900f9c9601aa4e731546ae583acdb51ac038ea7ab6a0ae7ae12.jpg
img.haiwaikan.com/ximgs/ 57 KB
57 KB 157ms
90ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/cc55f6fcd58a9787091a53b62b391eda9b60b5f0e04f5900f9c9601aa4e731546ae583acdb51ac038ea7ab6a0ae7ae12.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33cfdd53cf6263337d77d367ac354a935b54552df41d0b5e3dac01d6458515e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Sep 2022 08:00:40 GMT
cf-bgj: h2pri
content-md5: 1Jtii3zgX1x6lMHZzQnOqA==
age: 382287
server: cloudflare
etag: "D49B628B7CE05F5C7A94C1D9CD09CEA8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7eeab914-AMS
content-length: 57938

GET
H2 200 a28cd049a0295341ed1f527210d8e6dd51d70ae060683f1f3426a1f845925c05e1ccf214bd15c9bf71b17d7f48948fb8.jpg
img.haiwaikan.com/ximgs/ 61 KB
62 KB 157ms
90ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/a28cd049a0295341ed1f527210d8e6dd51d70ae060683f1f3426a1f845925c05e1ccf214bd15c9bf71b17d7f48948fb8.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 844538351ab4b3d228a05fc030aa28350af73fd69c3f2d44d67d0faa83290d00

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jan 2022 15:06:06 GMT
cf-bgj: h2pri
content-md5: zBqFRthWJ0vL1jcVl6NuyA==
age: 382287
server: cloudflare
etag: "CC1A8546D856274BCBD6371597A36EC8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651e7eecb914-AMS
content-length: 62790

GET
H2 200 a534bd52e69fd7a880df1922eff86eb5fae20fee5fdb2f982156e4f393ae824abcbb11d335a0330337ce20f3180bf7d9.jpg
img.haiwaikan.com/ximgs/ 107 KB
107 KB 76ms
75ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/a534bd52e69fd7a880df1922eff86eb5fae20fee5fdb2f982156e4f393ae824abcbb11d335a0330337ce20f3180bf7d9.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5db23c335d2b714be431cc4fae817a25ad61d583518242d4f61e889211b860a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Thu, 05 May 2022 07:36:19 GMT
cf-bgj: h2pri
content-md5: UDosC6UpTy3Eiq9Z14s1xw==
age: 384795
server: cloudflare
etag: "503A2C0BA5294F2DC48AAF59D78B35C7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf23b914-AMS
content-length: 109675

GET
H2 200 32bcd9bd887d1a5ae69654633c88bdfac26171c21ca3395ed4cbce8fa2fb6f2f7d637da84b466deb07b10b4a72d3e0c8.jpg
img.haiwaikan.com/ximgs/ 87 KB
88 KB 75ms
74ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/32bcd9bd887d1a5ae69654633c88bdfac26171c21ca3395ed4cbce8fa2fb6f2f7d637da84b466deb07b10b4a72d3e0c8.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9200b7694f7e463b5808a8e703111e80b89a7d415a0a52dd62ca45fd640535ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Apr 2022 07:40:16 GMT
cf-bgj: h2pri
content-md5: qvCjMitwSdMEK8sq1vzyxA==
age: 382286
server: cloudflare
etag: "AAF0A3322B7049D3042BCB2AD6FCF2C4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf24b914-AMS
content-length: 89402

GET
H2 200 079172920987d57f36a8ad8d7a3e39c5d9e4024433f6d251874f1dff6fe891e72ef06838d1d8e0e97cec09e81e0209bf.jpg
img.haiwaikan.com/ximgs/ 105 KB
106 KB 76ms
75ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57f36a8ad8d7a3e39c5d9e4024433f6d251874f1dff6fe891e72ef06838d1d8e0e97cec09e81e0209bf.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebbd64a877557020f397ec6b1252c6f173a55ca5f345fe9886498bbcc38c15f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 15:57:52 GMT
cf-bgj: h2pri
content-md5: z9AbPaL0jGxpOpxpgfbwcg==
age: 49456
server: cloudflare
etag: "CFD01B3DA2F48C6C693A9C6981F6F072"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf25b914-AMS
content-length: 107822

GET
H2 200 079172920987d57f6b87c4fa52d75a43b796d07b93a1b654c1b84f443122cb9f50d5410a31bb35ab55a1ac0291a99429.jpg
img.haiwaikan.com/ximgs/ 43 KB
43 KB 76ms
75ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57f6b87c4fa52d75a43b796d07b93a1b654c1b84f443122cb9f50d5410a31bb35ab55a1ac0291a99429.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9243c59e9daff78266cb8694a96ea1bbc9600973300e50d96ae6414a66fba97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 12:01:45 GMT
cf-bgj: h2pri
content-md5: G9GM1a356ePus7K6qFbSJg==
age: 52961
server: cloudflare
etag: "1BD18CD5ADF9E9E3EEB3B2BAA856D226"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf26b914-AMS
content-length: 43949

GET
H2 200 079172920987d57f395d2c43a8632de0abbfcccc4c2e344efeb9cba6ef21c6801ddf143af159b795416793f8b10e9502.jpg
img.haiwaikan.com/ximgs/ 56 KB
56 KB 75ms
74ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57f395d2c43a8632de0abbfcccc4c2e344efeb9cba6ef21c6801ddf143af159b795416793f8b10e9502.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de01c98e38c095a2401fc5e16cbbd11b319b7a5260e112a6354a10c3425735c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Apr 2023 14:16:32 GMT
cf-bgj: h2pri
content-md5: lceDUlzpsJR5OsMGA0loMQ==
age: 62023
server: cloudflare
etag: "95C783525CE9B094793AC30603496831"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf27b914-AMS
content-length: 57053

GET
H2 200 079172920987d57fc5ebd7c5552db82c6a52ea8d2f4c15fba5d37c9afd054d594fc86791432f2866c7ef37f7da85e40a.jpg
img.haiwaikan.com/ximgs/ 62 KB
62 KB 70ms
69ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57fc5ebd7c5552db82c6a52ea8d2f4c15fba5d37c9afd054d594fc86791432f2866c7ef37f7da85e40a.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ffa475a2660c54144cf77c889d09aa4125fa679a3c9c74302a513c0ec490b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 12:05:02 GMT
cf-bgj: h2pri
content-md5: MQ9KpKYtnVSwXoMLyYvlNg==
age: 62023
server: cloudflare
etag: "310F4AA4A62D9D54B05E830BC98BE536"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf28b914-AMS
content-length: 63337

GET
H2 200 079172920987d57f3850fe0dddfe9ca9827492160cc585fd62c4851b681683b318034f16f9a82d13dbfed87fbe3638f4.jpg
img.haiwaikan.com/ximgs/ 175 KB
175 KB 70ms
69ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57f3850fe0dddfe9ca9827492160cc585fd62c4851b681683b318034f16f9a82d13dbfed87fbe3638f4.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e205d2d2491abcf5776b4f41f90cb5401d7415909d6bed4552c79c1001d5938

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 15:56:28 GMT
cf-bgj: h2pri
content-md5: eISjrVF89upm7ZtKI/kHFw==
age: 62023
server: cloudflare
etag: "7884A3AD517CF6EA66ED9B4A23F90717"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf29b914-AMS
content-length: 179270

GET
H2 200 079172920987d57f2f66b360a8fd870f9485468ded291f674deeece5d1cb5d7d14da6e366c634b25b8146ebcb163f1a7.jpg
img.haiwaikan.com/ximgs/ 72 KB
72 KB 70ms
69ms Image
image/jpeg 2606:4700:10::ac43:25da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.haiwaikan.com/ximgs/079172920987d57f2f66b360a8fd870f9485468ded291f674deeece5d1cb5d7d14da6e366c634b25b8146ebcb163f1a7.jpg
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ecb7a118228421563d93f96f4e48538adb5e461973eccb5f735c2856317034

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 11:55:36 GMT
cf-bgj: h2pri
content-md5: lY+rOa60uJlT3mH5kt4Ehw==
age: 77155
server: cloudflare
etag: "958FAB39AEB4B89953DE61F992DE0487"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c04651ecf2ab914-AMS
content-length: 73334

GET
H2 200 pica.js
xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1FC6 6 KB
3 KB 30ms
30ms Other
application/javascript 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84cbfe6cf519f3b244061abcccd6aaa23a9140c307e815efaa22bfaa2ca17b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCvCI19VPuoyzycECvWP6JQMlpJi2u5YUYnqlXGXL%2Bqjbmrsk0WqRJS2zgUw80lx9URBIOx7kP2SSfT5bsZahTmS3ZipRcmxfi9cSzcD6q4a5XcTYPMaZGxMIpmhAQ9kTRCxp4ymnFmzPXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c04651e8dfe0a64-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 87ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1LNQ045WCD&gtm=45je34q0&_p=1716413212&cid=393912902.1682906050&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682906050&sct=1&seg=0&dl=https%3A%2F%2Fxiaobaotv.net%2Findex.php&dt=%E5%B0%8F%E5%AE%9D%E5%BD%B1%E9%99%A2%20-%20%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1LNQ045WCD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaobaotv.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/ 354 KB
119 KB 155ms
89ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7548340262798230&plah=xiaobaotv.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7548340262798230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e901621dcbc8e9695ae3301db3486ba9aa66248ecf364bb8a44200df3ed75df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121980
x-xss-protection: 0
server: cafe
etag: 14549198420206951261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame E101 10 KB
5 KB 139ms
63ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7548340262798230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 16663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 21:16:27 GMT
etag: 2378337311435320485
expires: Sun, 14 May 2023 21:16:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 7c046517e8cd0a64 Show response
xiaobaotv.net/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1FC6 2 B
539 B 52ms
51ms XHR
text/plain 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaobaotv.net/cdn-cgi/challenge-platform/h/g/cv/result/7c046517e8cd0a64
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c0465200fb20a64-AMS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJS4eRNp3u6i%2B2R5g%2BJ3xqgTArUyoi0H9EpyDNZ2nWyFN6BRKcjUAJKrTlT%2Bu8A8GhCR3lQ0x8u7PQ39Vt5XjUS4%2Be6i5QVs89dHnR56RNHzFFtJw9R0%2FNcTTaA6BceogZ1WcreVJw8KTws%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 128ms
43ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xiaobaotv.net&callback=_gfp_s_&client=ca-pub-7548340262798230

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7548340262798230&plah=xiaobaotv.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff3ca274338fcf956a701fbbf78261c8d71578876bcf6da221cfe45bab9d512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 139ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=xiaobaotv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 159ms
70ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xiaobaotv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=header-top&cls=myui-header__top%20clearfix%20top-fixed%20headroom--top%20headroom--not-bottom&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE0F 310 KB
72 KB 425ms
423ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&adk=1812271804&adf=3025194257&lmt=1682903723&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906050394&bpp=4&bdt=422&idt=292&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1285343836310&frm=20&pv=2&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

566d13f4cdd28931b9f8b816c3969c24879f0b0306cde5d6c220f251a14ebf4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 73926
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:11 GMT
expires: Mon, 01 May 2023 01:54:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/ 148 KB
50 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304250101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eed91816288624fdf34d2b3595762e716e986b569a288629b0932af13f00ee23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51479
x-xss-protection: 0
server: cafe
etag: 6051183951064423483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=xiaobaotv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 68ms
68ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xiaobaotv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54EC 90 KB
33 KB 371ms
370ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c1ecb4a8f2078d730b5751a599273e034b42bb441a8775d842c967bad1c5f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:11 GMT
expires: Mon, 01 May 2023 01:54:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9F9 89 KB
33 KB 272ms
272ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=572337519&pi=t.aa~a.3976007054~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=1&bdt=1303&idt=1&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=IJUBW76YAN&p=https%3A//xiaobaotv.net&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c1c0c027a12fd1facef072c902fa8adf5741ddfdef00027235663e1b98b8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33809
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:11 GMT
expires: Mon, 01 May 2023 01:54:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 1799 10 KB
4 KB 59ms
59ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 61983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 08:41:08 GMT
etag: 2378337311435320485
expires: Sun, 14 May 2023 08:41:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 242D 10 KB
4 KB 60ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 61983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 08:41:08 GMT
etag: 2378337311435320485
expires: Sun, 14 May 2023 08:41:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1799 5 KB
1 KB 155ms
67ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 00:35:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1799 205 B
649 B 201ms
59ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 00:11:47 GMT
x-content-type-options: nosniff
age: 6144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Apr 2024 00:11:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1799 604 B
695 B 202ms
59ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:08:35 GMT
x-content-type-options: nosniff
age: 17136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 Apr 2024 21:08:35 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 1799 19 KB
8 KB 129ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:31:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 242D 9 KB
994 B 145ms
68ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 01:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 242D 2 KB
846 B 114ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 242D 0
0 106ms
106ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrUcUwhtPZOSxL8bl6wTLnIGACtKD-KJwisqUvNAQoty_oNQBEAEgl7TyjwFgkYSghYwYoAH157DiAsgBCakC99WXD798sj6oAwHIA8sEqgTZAU_Qcl_Glt2TzyeMXk1zMjAABgMbjgK91-xIQBmg8fU_GYsLhE-3fye4mu-1YLSGwbBjz5TrUXloUkJLEns3y8Jk7SISGMq07WkL7Sis-SanYo6R2IH08ooFeoz1AmIzFu92Lk2l_nYNkUyrmEgyCvXqTn2BGwy23WUvYfh2qVAXFb90X-E9Y0JwX3OZFmP7B6CXQtL765xo_2N2cWndWt4tcIYiMlzBbqhvFg4_SwY9jHXnySFfaOS_p1CUQ6ftCcbcqKD4agv9JkmKyuKLQFqlRL0GgjLfbanABO63-ICpBJIFBAgEGAGSBQQIBRgEoAYugAf4isW5AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI7NCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBmAyyzKryowS4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTc1NDgzNDAyNjI3OTgyMzAYAA&sigh=v2rDvlkZjgw&uach_m=[UACH]&cid=CAQSGwBygQiDazEETSgZN-42I0rlceBcnM5Mm3LOMRgB&template_id=515

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 01:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 242D 22 KB
9 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 242D 3 KB
1 KB 114ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 21:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 242D 19 KB
8 KB 138ms
65ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 242D 158 KB
49 KB 150ms
73ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 242D 32 KB
14 KB 187ms
60ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

GET
H2 200 6993009705661873646
tpc.googlesyndication.com/simgad/ Frame 242D 4 KB
4 KB 140ms
70ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6993009705661873646?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76ea5d7fbfc9080d5b7c2578aa83da5d1759aa24f76ca0296fb79b61a3903d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 20:07:33 GMT
x-content-type-options: nosniff
age: 107198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3681
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:14:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 20:07:33 GMT

GET
DATA 200
OK truncated
/ Frame 242D 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 242D 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame A9F9 2 KB
634 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=572337519&pi=t.aa~a.3976007054~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=1&bdt=1303&idt=1&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=IJUBW76YAN&p=https%3A//xiaobaotv.net&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ca2c160a099c291e1cc41b9d7aa5f574b5d80b5d0ad54669de94e70e59e65ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 01:36:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2443 9 KB
994 B 69ms
68ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 00:59:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2443 2 KB
799 B 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:09:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 2443 22 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 10:51:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 54FF 143 B
166 B 64ms
63ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:10:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2443 3 KB
1 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 21:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 2443 19 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2443 158 KB
48 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 2443 32 KB
13 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A9F9 2 KB
799 B 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A9F9 0
0 104ms
104ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsHYfwxtPZN_pFNHI6wSmwar4BKGjp8tv2aGmvJYP2tkeEAEgl7TyjwFgkYSghYwYoAG10c3NAsgBCagDAcgDywSqBNQBT9DmOf_09gpA9cCmMrCQwhCqp_LORPvTYu-nMs9khyzPniAKk7QGToranewad7iOWuea5bZUpVQzTwY-3S4_eN_uCkH6hOydnvNWOFcGQ0_2COq9FhdtQCSJHvfN7JKxOUO_5EawnVsEmqRJLv9Wcg-AIxYy_CApWcs4uQF4KjEAjdNKl3e8HjbnZXxAPe4JJOG7DMD7NbFdOhQcZZ0qy3aHf4Gd44zf36BqgEkKzujTjefXP9-jjvgcztFBZVls-LEA1fuYmwrQisAGmL59SzJIRYTABN6gvfrrA5IFBAgEGAGSBQQIBRgEoAYugAezrrKyAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMuFAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTQ4MzQwMjYyNzk4MjMwGAA&sigh=v-NFhWlfuVY&uach_m=[UACH]&cid=CAQSPABygQiDhITk33h1VIL6tLFVqTp9VUpXDXFsHC1EcgtuhD4wDCad4uPD-3FCrN4fFyGzQobXZz_Xn4ts9hgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=572337519&pi=t.aa~a.3976007054~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=1&bdt=1303&idt=1&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=IJUBW76YAN&p=https%3A//xiaobaotv.net&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 01:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame A9F9 22 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A9F9 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 21:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame A9F9 19 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 02:01:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A9F9 0
0 216ms
68ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7pzDxYuKY4FdnQWuXzcUzTlwzU8Hzk7UI6SLn5klZFWe0ousNXFkr-uWnCAPtg6wh-6pGmdG_KSSuTVN8tJxtjscQ1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=572337519&pi=t.aa~a.3976007054~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=1&bdt=1303&idt=1&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3030&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=IJUBW76YAN&p=https%3A//xiaobaotv.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9F9 158 KB
48 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame A9F9 32 KB
13 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10784873507694013835/ Frame A9F9 11 KB
11 KB 35ms
35ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10784873507694013835/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c241ffa7e0c4cff3f240e1c9cdd4654a5d8a0269de9bd68c77531999e4660f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
age: 78225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11099
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 03:57:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 04:10:26 GMT

GET
DATA 200
OK truncated
/ Frame 242D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 401af2ab0d71d34575e9c629fc48668f56db81669edbe3743a8246c1a3fd86c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 800A 1 KB
643 B 61ms
60ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 54EC 2 KB
634 B 68ms
67ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ca2c160a099c291e1cc41b9d7aa5f574b5d80b5d0ad54669de94e70e59e65ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 00:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 54EC 2 KB
765 B 34ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54EC 0
0 103ms
103ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFiEywxtPZLPIFJiT6gTiw4O4BKGjp8tv2aGmvJYPv-EeEAEgl7TyjwFgkYSghYwYoAG10c3NAsgBCagDAcgDywSqBNQBT9BJnuMJ_V-_ENi7v_ceJWBGQKmItgbtJSiXdOWUhxxdfegrMT7D8prlMgMFPLTI5BSK_QfIk2VR8KUZIk-MTZgtJICooD_Of-AnBf9Jt7cMV-n8V7OB1mQVhRlRnMy4QujyAUGkuFiznQ3tPo1Q9Hb8gJS5Fgbvx2JzuEjP-OXl2milhLtGpYtlG4QgU8c-PM9PxAnP13YzL8M9kNck8T_O0JjYLtMObv9cMZNUi3b6yYSJAFJGWgOebt868Ix4arPmPXa8roylJI1QzmHk77--SePABN6gvfrrA5IFBAgEGAGSBQQIBRgEoAYugAezrrKyAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENCLAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTQ4MzQwMjYyNzk4MjMwGAA&sigh=7mu5Tc2_L5c&uach_m=[UACH]&cid=CAQSPABygQiDQsYR17vOnYfrJcMQAvET6cUx2UVmh4roPsYiwIQ5o8w7eOK2Br6_fZ9kO83-mTWZhk4LCDwNJBgB&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 01 May 2023 01:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 54EC 22 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 10:51:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 54EC 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 21:53:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 54EC 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 02:01:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54EC 0
0 121ms
69ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsY_5QE9lt4rI0_J5k6Qcf0Md3vh0g5tl1UbMyZfF9u-g4avP5yU1iiRCxCg83V5-IVd74hu2XKI2yoRK_v0ARH0q2Gw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54EC 158 KB
48 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49538
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682508732222081"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 May 2023 01:54:11 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 54EC 32 KB
13 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/10784873507694013835/ Frame 54EC 11 KB
11 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10784873507694013835/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c241ffa7e0c4cff3f240e1c9cdd4654a5d8a0269de9bd68c77531999e4660f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 04:10:26 GMT
x-content-type-options: nosniff
age: 78225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11099
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 03:57:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 04:10:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 54FF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
73ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:11 GMT
expires: Mon, 01 May 2023 01:54:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A9F9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e94f6d2e51fa905e6db1787de4e3a575dc3510d991e8f54eacad4ff04164084

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame AC53 36 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0lla2xxYzIxUFRpSlo1&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSo...

170 B
232 B

42ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0lla2xxYzIxUFRpSlo1&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSooVPsFLcaiJveLn0KLsNuXdIqwJoklyeE3ALop1Ry_eKLODTFLS__4zH0T

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 May 2023 01:54:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0bdcd692e53b93ca1@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M0lla2xxYzIxUFRpSlo1&google_gid=CAESEOcWLzULzOwVJzmAA6yom-s&google_cver=1&google_push=ATf1kGNFp-EKRkckYH2jemRERkJ4Tqk7p8Sp0UdFa5-qpSooVPsFLcaiJveLn0KLsNuXdIqwJoklyeE3ALop1Ry_eKLODTFLS__4zH0T
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBCbeVpW1Dz58LM-QnYoVVg&google_cver=1&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBCbeVpW1Dz58LM-QnYoVVg&google_cver=1&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mw...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d4cf6345-a96a-4322-b077-ea468cf7cc6d&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a&google_hm=QZRD3UD7QnuTwei0GjO...

170 B
188 B

44ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a&google_hm=QZRD3UD7QnuTwei0GjOPSQ==

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOiImH5_ddxt2M2wyxmGRrVyLOUrW63n8tHEB_xLIrDEp-DVvT5BaDKxqz0paActnXMTq5dZemASGO0mwY4MbdJ5hGUSJCaAb1a&google_hm=QZRD3UD7QnuTwei0GjOPSQ==
date: Mon, 01 May 2023 01:54:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMiQOeGzuAXc_sCUfidtAeI&google_cver=1&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01q...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01qrVhoy6rPv&google_hm=eS15eE1QRDVSRTJwRV...

170 B
232 B

44ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01qrVhoy6rPv&google_hm=eS15eE1QRDVSRTJwRV9SMGROQi4zNTBwbFlOcTltV2h6dn5B

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 May 2023 01:54:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGP1o1CFkYx7iBvI7KrhgslRiLDexOwBUPp8UIHaAzc-VdPFGbn6ihtYXYRt7EROf2A79i_20z_OUVzP3T1z4YTV01qrVhoy6rPv&google_hm=eS15eE1QRDVSRTJwRV9SMGROQi4zNTBwbFlOcTltV2h6dn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXo...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295X...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA2MzQ2MzU2MTM3NjM5ODUxOA&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxR...

170 B
232 B

43ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA2MzQ2MzU2MTM3NjM5ODUxOA&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXoDbsJUdfyxBWKtSq3NQSihwhh

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA2MzQ2MzU2MTM3NjM5ODUxOA&google_push=ATf1kGNKmJ5EkfvidR5AQvOVcAzmQODAeAPauMR1Gb0t58BtSpnLbhv0kbM1IvkOZwXGnRL295XtxRXoDbsJUdfyxBWKtSq3NQSihwhh
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHFGE9I5jmcd8PbN8YOqaFA&google_cver=1&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3MjUzMDQzNzMyODQzMjA4NA&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrA...

170 B
232 B

43ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3MjUzMDQzNzMyODQzMjA4NA&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt3SdVlhLP0f398cf1umdWZLIK

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3MjUzMDQzNzMyODQzMjA4NA&google_push=ATf1kGMbQH_Os1SIQPubpYHG6CdLze3gyPQpBrR8B6pFPKZsjMECLDaMhpbICJ5ajTTykU0kbmRnrAvt3SdVlhLP0f398cf1umdWZLIK
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_hm=ZE8bwy7IwjYnHIxarcVoCQAABKsAAAIB&google_nid=index&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u...

170 B
232 B

43ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_hm=ZE8bwy7IwjYnHIxarcVoCQAABKsAAAIB&google_nid=index&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u4XRpFuFEY3OsnJvl_YCrFKtcb4cJFkwVrtF0rIUfrXjpyvp5Aqw5x-igcSWjx2jgJ6N

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 May 2023 01:54:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAqGK_XDGJDdkFgDSshqeRU&google_hm=ZE8bwy7IwjYnHIxarcVoCQAABKsAAAIB&google_nid=index&google_push=ATf1kGNgnisBnMtF2T5DNWdmuF8Jzr34qH15u4XRpFuFEY3OsnJvl_YCrFKtcb4cJFkwVrtF0rIUfrXjpyvp5Aqw5x-igcSWjx2jgJ6N
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 800A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHbReU0TjgP_Y8_hEFlnkAY&google_cver=1&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK7Tmw9B8fVa_VvLeFzFz-

170 B
329 B

70ms
59ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK7Tmw9B8fVa_VvLeFzFz-

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMtDuxyDEUCgrbYk3NHui72Kcbujq2i9g1WNLToQby_A331pGcOIAYASNTABXWoCBFcndcxOiJKjMwK7Tmw9B8fVa_VvLeFzFz-
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 800A 0
139 B 196ms
58ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZJj14RuXVwPIC3-t8eyT_pTNXit2LiPc_oXuVtdD9MIccuLZnrVOnXQDjwVTiwr84ApTj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 87A9 1 KB
643 B 61ms
60ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 68781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 06:47:50 GMT
etag: 48472445140208031
expires: Mon, 01 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 54EC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae58430e88bf4bb95fb4c8fd62c5b09e4314a9a627784897bc3f5fe58dc9d0ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A9F9 15 KB
16 KB 207ms
61ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 157436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 87A9 0
104 B 151ms
50ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOPIiWFNUn18SPiVEfF99ME&google_cver=1&google_push=ATf1kGNJcJo5Egrlvtfh374R6-AQhFJ5Q82uGIBQWtN7B3R5ydw0chOeAENxxwXfzAq5hCB1YB1Kg8ac43aLPeMD0g-5enEnuuDSSlE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 87A9
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Of...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4...

43 B
416 B

184ms
183ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c04652a298fb760-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 102
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENfkxZuutw8QGGZ24-uHki8&google_cver=1&google_push=ATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNUy3H-Uj3RzAV6WzEe1isoVZ8g_k2tTrNG-cg0gAbF-sNFot8O9HN0GcaW65VjnbTbO-Wn7VRuLX0ckLbk6irdofxj0k4Ofh4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c046528d8dcb760-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 87A9 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87A9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAOi6eK1wfSj7vKxNOsUDeM&google_cver=1&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODAyNjQ1MTMwMTk1NTczNQ%3D%3D&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq02xa...

170 B
188 B

47ms
46ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODAyNjQ1MTMwMTk1NTczNQ%3D%3D&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq02xaauiiTTEvLTE3A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODAyNjQ1MTMwMTk1NTczNQ%3D%3D&google_push=ATf1kGO9YG4lefJQWm0Pp46gTKsGNga0x4VWOi33Dw-aOD7gZbQq9MxXqnEgw98lHf-RxKINCLJycoUrOKSOoq02xaauiiTTEvLTE3A
Date: Mon, 01 May 2023 01:54:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87A9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAD0uMHo3Ad07N-b35FKj3w&google_cver=1&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAD0uMHo3Ad07N-b35FKj3w&google_cver=1&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DW...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwMjUwMDA5ODM2MDE5MTUyNw&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUD...

170 B
188 B

43ms
43ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwMjUwMDA5ODM2MDE5MTUyNw&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo-UPBUmsM3rbnDuEgx4PPmi4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODMwMjUwMDA5ODM2MDE5MTUyNw&google_push=ATf1kGPaACCCU-UgkF49VBNLg2kLK3Tu0wICj2nx2ipoaNfD4A9fJZShbg5zmpRmuL3Bgbk62DWhUDqo-UPBUmsM3rbnDuEgx4PPmi4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87A9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZBXFh0zS_KjVPpiekAS9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZBXFh0zS_KjVPpiekAS9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZQcVcGLcGSmgp6lzF-hsnkMIrUgBXFIEM0QZ6NLWUO6Wne650Fm7jC03R1px8a7zLY-LLOctTotS7qTT207q35n2IfT1MGLY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZBXFh0zS_KjVPpiekAS9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPZQcVcGLcGSmgp6lzF-hsnkMIrUgBXFIEM0QZ6NLWUO6Wne650Fm7jC03R1px8a7zLY-LLOctTotS7qTT207q35n2IfT1MGLY
date: Mon, 01 May 2023 01:54:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87A9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFz2_Uf0rjrrClAaGMs1NDQ&google_cver=1&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NlQ4RkktMVMtNDJESw==&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsXCBvD5vgzeA6LhV6foSXFP2-xCMro

170 B
188 B

45ms
44ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NlQ4RkktMVMtNDJESw==&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsXCBvD5vgzeA6LhV6foSXFP2-xCMro

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NlQ4RkktMVMtNDJESw==&google_push=ATf1kGOnpB7sLuC1cVHV2gJadskEzArhxhxMr4Mu0dM88xJczcMWUQwK7QaB7MuCdcXV0rzqwsXCBvD5vgzeA6LhV6foSXFP2-xCMro
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 87A9 0
40 B 62ms
59ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1j5UP8h28kjiyu5DtDuxUovk4IPKvcyNYjGy8cCb0EsFUHdlYVl_22tRC-ktuWTx2fACw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 54EC 15 KB
15 KB 133ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 157436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame 86EF 36 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 334ms
334ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1114104606&si=099fa21119400e53692b87a7ff0e9f4a&v=1.3.0&lv=1&sn=32787&r=0&ww=1600&u=https%3A%2F%2Fxiaobaotv.net%2Findex.php&tt=%E5%B0%8F%E5%AE%9D%E5%BD%B1%E9%99%A2%20-%20%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91

Requested by

Host: xiaobaotv.net
URL: https://xiaobaotv.net/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 May 2023 01:54:12 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame E084 36 KB
14 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame CE47 36 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7548340262798230&output=html&h=280&adk=4070374814&adf=4067204792&pi=t.aa~a.3976034901~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682903723&rafmt=1&to=qs&pwprc=1100654067&format=1200x280&url=https%3A%2F%2Fxiaobaotv.net%2Findex.php&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682906051275&bpp=2&bdt=1303&idt=-M&shv=r20230426&mjsv=m202304250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd417d984983180e-22a80dc2b4dd0089%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw&gpic=UID%3D00000bf39be6a43a%3AT%3D1682906050%3ART%3D1682906050%3AS%3DALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg&prev_fmts=0x0&nras=2&correlator=1285343836310&frm=20&pv=1&ga_vid=393912902.1682906050&ga_sid=1682906051&ga_hid=1716413212&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1422&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532185%2C44759876%2C44759927%2C44773810%2C44759842%2C42532089%2C31074177%2C42531705%2C44788442%2C44789762%2C44789924&oid=2&pvsid=3908402127570918&tmod=1155309848&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=4DpYcVwd5e&p=https%3A//xiaobaotv.net&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 73ms
72ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0228263349772255c77f1d5ce9154ac8a992f5d0d93dcc4b452705f69d91d114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11132
x-xss-protection: 0

POST
H2 204 rum Show response
xiaobaotv.net/cdn-cgi/ 0
180 B 57ms
57ms XHR
text/plain 2606:4700:20::681a:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xiaobaotv.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiaobaotv.net/index.php
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Mon, 01 May 2023 01:54:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://xiaobaotv.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c04652b0ec50a64-AMS

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 May 2023 01:54:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F4D8 13 KB
5 KB 33ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 12312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 22:29:00 GMT
expires: Mon, 29 Apr 2024 22:29:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F24 783 B
970 B 70ms
70ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed52228e802ce8615980058eff2d3eea4f34e196bddf10820790bb70c52b5a95

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZXWogAfRWat0mZU4Ni0VMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiaobaotv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ZXWogAfRWat0mZU4Ni0VMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 01:54:12 GMT
expires: Mon, 01 May 2023 01:54:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js Show response
pagead2.googlesyndication.com/bg/ Frame F4D8 36 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/C5FABZFhf_ksn8c3oRsp46guIkA5h7KYEUMuG3ADcek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 20:12:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F24 0
0 128ms
128ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=3908402127570918&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F4D8 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZsqKwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 01:54:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 242D 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttfGo62P91M5jl8X6ZMshFcmdPVQ1WLbFGy8h_gTrdJl9xBUAvkxcl6UljMHSdKUpubg2WvAQnh9rSzbRFHGRotVCnK1muzSAKgmK94cdfpXK0qY03S8QAYE8TYi-froJDTcHMQ8Weap1eTdzuOZQUDFNG836F_-gbNkxyT1Qwg6Iyl4gQ02qYGPV8zVZvoTOalbaQYhUpboz1PaYeCgGi_eNYmZqKxVaz1dw7Jm4gAR6QYnTIesqIxqgcCmtGL1os4HJhnacuh2tb8Io20l-bgqk8PBHR4MRfOOBW9VW_xmwnedQ4WNCGt5O7Q7XM3SDrirKgOl-h1O2XyLV1k5kEo3hxDGt9UxpO1h1VlSj2BChVgDJhw_6V43Kt-onw-uMt3UW_heny5LHz1i947GtHDMXDXV0K1dBqAww-uKu_KoUkOnTSnjCyzOymavfKVgVbAfeE1lvqhsHiCQ_V6GseBQti3mY3A6zCrfupjELVw7ulldDEL8X6-HuQW2vVQgQH2zf4suDNg6GPzxoghn_od8aOaqxRmzcrnZu1Er7U4V8iPwv1GJbWIVA9c6mraa6dVZbZE7qvuZ9_21jK6JmOyrAZCAdXuZ_Z9Sn7sAw4ISCY3bH57t4NDgRuHMKf7ig3hs8FWUDjUBpGjQiwfkl1laOzqPzPOiSK-CAJ1J5XrjUAXCY861QMqsv3f-ZN6Xw93fNaVPoTt82G_u9pHGwv28LEPGGFk7tRhvktyvTnyK4CrAYn2xaJDrHYx-daIh48ckHq6-EuAC2PuBxSngyE7_7UYotaqnXXLMRi-0RMplVE9b7tj-rADDMB-6zaey6sf6ST579Mf4vIcgc8nrUP9TcKdaeb9DxhtinvkkWkL3e_wwgh6hpdQ2xu_UDqRHc8dIPedqxHux4wO7h0MkXU6DC2RH1y_ZQImu1OgX49hKY3iaR0zgQOFk8i4sXp-_uzxtYRhhY6MeahLtTMWVZ5nRNYAIJAIHHoCzkl0oO0wOqvZvljisAm2Y9aBQMbp_i7O13Z1Py_-VdBYcJPRgoeYTTxnbRbIRZRbYKFMg&sai=AMfl-YRKp7Wb134w7vkaSBivfPviWBb5ehpW748nDpJ0NvvSYJqpYwBHIWmDNBab28WJ8GHI-nuxQra1svceMnP-Rg86T8M0FO1V7g&sig=Cg0ArKJSzGKbc40q9MsREAE&cid=CAQSGwBygQiDazEETSgZN-42I0rlceBcnM5Mm3LOMRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=108,791,1000,1036,1036&tos=108,683,209,36,0&v=20230426&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682906051359&rpt=374&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 May 2023 01:54:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
131ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=3908402127570918&bg=!GRqlGk7NAAb9Sbh13Uk7ADkAdvg8Wmv6VN5dDbd62Sg5PDz5Of7x_Fm5LAJt2zNr8hEs-MEqU_AIME5BMsynEWGjjtVda-Gex_gCAAAAV1IAAAAEaAEHmQLTFYjRFAQlo1DqoR4INE8kO9QNupIcdgdbPpsxLNQl1H0aDZ3qj_63rPmGPtmxTHzwqegcf3EDP6e0p_yspbChdT3pLIqIFSpvmzlUQg_eNV0GfJOmzyG0TXZwDkqDcPg7v9XpgEaTYPu5LyL25RrvplvvqRg1a8zTaxJ2JDQJNOi3OU556y4eUSQ1lHDxGHs4P62WSz0Gjf03qXz6PKWKLBLKe5jOtrvhW9i9jfw4ZcLFSGCf3TqveMzy2qH2bnV_S1-_Jc6BlyoJYqRxJQ509qUvoRSqHQ5GG1530nJowKxwBpKM7tVR69oC45Ra79hSuE7PAPjz5af0hgzasVWVeMOIPxyYHSc1s47K0hqoppOIiJvINO-VAZmM-c1icS017MMKlNo_dJh3UCfZ9z6sj4gy3e4cLHNTKbMQKD2eutEKJV_OaqQJcR-2AGj94YqL2tPXqVvGCS2qUCb0kkU5Fpv8Oohs6ZpqP3ruFCCUkbvgVaIk2vQLrbDb4xwR0T4W5r_BlLN15iWc1MUX-iZD5zOfpb87tsHurv3mmankM8GTt_DMvtmnbWt0tiSnym6ASmi625P7x8mOMURU8Grc_fIgDFngi1HvfIuNkLU74wG5GS-tqI9xU1RF7WMByQ0P_RmtnWF7ph4MZUf_21sl76L8rh5VZwEKKs7BPhNcWVkXZm0k9tY4Y2cEEoKHu476ZlyPEYfVVJtwjbCLsXaypgNVEYJAIRzzvUTLk8yYm00tWoQqs3QCOsR26rItI2xSSaScstKZJIHN9NPHg3GfeM2p59GREp3YOgyJ4PzANwKPdlo-R6-FBigc4yT4ZMqbAkekwSFKkWOC1oPc-N0MQFe1cUG1_U9YFrfno-sYp9tAO6jSQbfBLBJQbdvDIDe-oKqENbWH8X7f0TcpCiOqIrKkPQ3F2xgXbGR-T-WKMGGi_v2CWXQxvvj1zExPRF6c820B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaobaotv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMsJBSF2RErR1qiku2x0SgE&google_cver=1&google_push=ATf1kGM0ZUjX1HyGpC5cc8eTpRjHyUO_JTgm6fwc9psEjHBRR-7xibrgwDaY4KqF60R34IjuS2Awt-3mzcS-_gt_YmBdPe402PUMPBE

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xiaobaotv.net/	1970-01-20 21:04:26	Name: _ga_1LNQ045WCD Value: GS1.1.1682906050.1.0.1682906050.0.0.0
.xiaobaotv.net/	1970-01-20 21:04:26	Name: _ga Value: GA1.1.393912902.1682906050
.xiaobaotv.net/	1970-01-20 11:28:27	Name: __cf_bm Value: n0b.gFEnYsBr2VoNrVW3bqgzNICehGa7JPME3SzBTSo-1682906050-0-AYadx2hhVGFpveHAaWsJU6JkVdJjO/+fkvY81BHXUXvAxFP6r6QikVo8BrkMfT9PmETuQ8A1IjtObAYFq5IY8qot+uriUQyH0OvkzT8iqPDj
.xiaobaotv.net/	1970-01-20 20:50:02	Name: __gads Value: ID=cd417d984983180e-22a80dc2b4dd0089:T=1682906050:RT=1682906050:S=ALNI_MYMgVc4nMyJA5VCZbzAcUcWWdPrZw
.xiaobaotv.net/	1970-01-20 20:50:02	Name: __gpi Value: UID=00000bf39be6a43a:T=1682906050:RT=1682906050:S=ALNI_MYfveWDydv6U-_J_hnikEiRtxqXrg
.hm.baidu.com/	1970-01-20 21:04:26	Name: HMACCOUNT_BFESS Value: 62E21834D1B64237
.doubleclick.net/	1970-01-20 20:50:02	Name: IDE Value: AHWqTUkFpSXooVsgIdWvWz9v3CLwmUbWU9vOGUq_tp6gFFZ8ikp077rATZqUcchAHMc
.doubleclick.net/	1970-01-20 11:28:29	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:14:02	Name: CMID Value: ZE8bwy7IwjYnHIxarcVoCQAA
.casalemedia.com/	1970-01-20 13:38:02	Name: CMPS Value: 1195
.casalemedia.com/	1970-01-20 13:38:02	Name: CMPRO Value: 1195
.yahoo.com/	1970-01-20 20:14:23	Name: A3 Value: d=AQABBMMbT2QCEHciKyw9sZwFBYaKyyGUvhYFEgEBAQFtUGRYZAAAAAAA_eMAAA&S=AQAAAotz_3sKTVqUPasfrET6VYY
.adform.net/	1970-01-20 12:13:04	Name: C Value: 1
.w55c.net/	1970-01-20 21:00:06	Name: wfivefivec Value: 3Ieklqc21PTiJZ5
.xiaobaotv.net/	1970-01-20 20:14:02	Name: Hm_lvt_099fa21119400e53692b87a7ff0e9f4a Value: 1682906052
.xiaobaotv.net/	1969-12-31 23:59:59	Name: Hm_lpvt_099fa21119400e53692b87a7ff0e9f4a Value: 1682906052
.w55c.net/	1970-01-20 12:11:38	Name: matchgoogle Value: 5
.bidswitch.net/	1970-01-20 20:14:02	Name: tuuid Value: 419443dd-40fb-427b-93c1-e8b41a338f49
.bidswitch.net/	1970-01-20 20:14:02	Name: c Value: 1682906051
.adform.net/	1970-01-20 12:54:50	Name: uid Value: 8302500098360191527
.pubmatic.com/	1970-01-20 11:29:52	Name: KTPCACOOKIE Value: YES
.adfarm1.adition.com/	1970-01-20 13:38:02	Name: UserID1 Value: 7228026451301955735
.bidswitch.net/	1970-01-20 20:14:02	Name: tuuid_lu Value: 1682906052
.pubmatic.com/	1970-01-20 20:14:02	Name: KADUSERCOOKIE Value: 85905716-1D33-4BF2-A354-FA627A4012F6
.scoota.co/	1970-01-20 21:04:26	Name: tuuid Value: d4cf6345-a96a-4322-b077-ea468cf7cc6d
.scoota.co/	1970-01-20 21:04:26	Name: c Value: 1682906052
.scoota.co/	1970-01-20 21:04:26	Name: tuuid_lu Value: 1682906052
.tribalfusion.com/	1970-01-20 13:38:02	Name: ANON_ID Value: a0nseFS3n0gryoxDnS6H0qaHrUyf067L5ZatVId7VSHquQh57TIYdLiXJAC6OFO7ZdiADZdj9RxsqNoqEjY189Zd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-7548340262798230&fa=1&ifi=5&uci=a!5&btvi=3&xpc=MouhCU8tXr&p=https%3A//xiaobaotv.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adservice.google.com
adservice.google.nl
c1.adform.net
cm.g.doubleclick.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hm.baidu.com
image6.pubmatic.com
img.haiwaikan.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.scoota.co
region1.google-analytics.com
s.tribalfusion.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xiaobaotv.net
xiaoheimi.net
sync-tm.everesttech.net
103.235.46.191
185.80.39.216
198.47.127.19
2001:4860:4802:32::36
216.58.212.130
2606:4700:10::ac43:25da
2606:4700:20::681a:eb0
2606:4700::6810:3965
2606:4700::6812:18ad
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:9c2a:e267:cf33:bf47
2a06:98c1:3120::3
3.120.88.196
35.158.67.42
37.157.5.133
51.89.9.254
52.209.9.234
69.173.144.139
85.114.159.118
0228263349772255c77f1d5ce9154ac8a992f5d0d93dcc4b452705f69d91d114
0456b9ef046b42941738001fbf1621e1b449abcccae2a21bf3bcec0755a05714
04b8f6c6b334211b64d2dc68ec6b0c4fb5e92922cb102d3424c4c7010d2ed43b
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b91400591617ff92c9fc737a11b29e3a82e22403987b29811432e1b700371e9
0de01c98e38c095a2401fc5e16cbbd11b319b7a5260e112a6354a10c3425735c
12ecb7a118228421563d93f96f4e48538adb5e461973eccb5f735c2856317034
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e205d2d2491abcf5776b4f41f90cb5401d7415909d6bed4552c79c1001d5938
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2719100d4bbb4a8c6875c7c13f78a70a27f0117c69fb586ecc9c2d0a4cf4fc3b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd1e6f457d05f1030497c94799473e6b0a6da996f5673c9508057c216d7ab76
2ebbd64a877557020f397ec6b1252c6f173a55ca5f345fe9886498bbcc38c15f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33cfdd53cf6263337d77d367ac354a935b54552df41d0b5e3dac01d6458515e4
3c59608ce203a13600ee3b947e0d888e248443287eb122e054fcb8669ee1cab6
3ca2c160a099c291e1cc41b9d7aa5f574b5d80b5d0ad54669de94e70e59e65ec
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
401af2ab0d71d34575e9c629fc48668f56db81669edbe3743a8246c1a3fd86c2
463178ec2626c71685b9cd67b512646b46790628e45a371d494a0b62b156d8bd
4bbdf072904f25a29941c0389289ffcd87c25f5a839081226bd694e683152ddf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5037d205772565b53c2fd8f2840414dc987159e2fc9742dcf09217da4946234b
54ff23d820c7689387840dec8ac8c690ccb9c016763a5571911642836da8e89b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566d13f4cdd28931b9f8b816c3969c24879f0b0306cde5d6c220f251a14ebf4c
5b32b2058c67539af1876868da27962cc33d049d45c09e93359b6f25130d39ed
5c1ecb4a8f2078d730b5751a599273e034b42bb441a8775d842c967bad1c5f16
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e70e66a7320546258674dbeebbc642d01933b05807f0dfe0c89e846b4d7e946
614c715bf8ef6f6b1ab83cdc718beaca8715a6093de5878579345fd385a86605
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a500bac2ef8d3cc58fbdeea533712ebef58088f7ebc3e2c24a76a2d1bc3d7ee
6e901621dcbc8e9695ae3301db3486ba9aa66248ecf364bb8a44200df3ed75df
70667e0782468bd0322d9d4a2c7784054c178a16d86acd51c117438cf148b37c
71d5d84baa17eabfc0e04a23de641b042c454c7232a79b58234a7d43671b9cfc
76ea5d7fbfc9080d5b7c2578aa83da5d1759aa24f76ca0296fb79b61a3903d82
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7ea84a200b8fc5ec393ebfa5c9e90cbbc2121028f6178ccb1cae7605d6e3977b
7f41f6a7e5337716739b4f5ff89b3a1f589c9b5e25f506934b51d7cd6d71d33c
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
844538351ab4b3d228a05fc030aa28350af73fd69c3f2d44d67d0faa83290d00
89d87fd9b896921e75328b5e125dbc469d88c24ac1aa745f4da9264c17ff5c86
8bcde0cdcd1dcb57e104b0ec729649f151a9f404fca6e4bf120a3b929bddca97
8e94f6d2e51fa905e6db1787de4e3a575dc3510d991e8f54eacad4ff04164084
9200b7694f7e463b5808a8e703111e80b89a7d415a0a52dd62ca45fd640535ff
9300e430ee22a851e8463bfcecff358882386c692eabd7b0b6ca6245776afd37
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff3ca274338fcf956a701fbbf78261c8d71578876bcf6da221cfe45bab9d512
a41acbf0c5633c9c398a176c3c0627d881cac016f8da61d03f5b4035def46cb3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5db23c335d2b714be431cc4fae817a25ad61d583518242d4f61e889211b860a
aa742badf084573528b8508ecf923da32bc27285928dfbedabcd432ee1ac0887
ae58430e88bf4bb95fb4c8fd62c5b09e4314a9a627784897bc3f5fe58dc9d0ad
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c241ffa7e0c4cff3f240e1c9cdd4654a5d8a0269de9bd68c77531999e4660f8e
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c849350bcb1ac105acb5b054ae6f11b75fc55d555c28203d47384247caf9d0da
c8fdd69cf300c0557725a4ff0380ece38ff91725b35610ad8c746f72d26006d8
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7c1c0c027a12fd1facef072c902fa8adf5741ddfdef00027235663e1b98b8f9
d8a8d067915b729ec8f69e054d53d89c026752d7b9c0b28bda4f19722e2e06d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e84cbfe6cf519f3b244061abcccd6aaa23a9140c307e815efaa22bfaa2ca17b6
e9243c59e9daff78266cb8694a96ea1bbc9600973300e50d96ae6414a66fba97
ec4e1aaa460ff3bf8f5b3cae326490516c78dce134c597334cbb2224edf09111
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ed52228e802ce8615980058eff2d3eea4f34e196bddf10820790bb70c52b5a95
eed91816288624fdf34d2b3595762e716e986b569a288629b0932af13f00ee23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ffa475a2660c54144cf77c889d09aa4125fa679a3c9c74302a513c0ec490b3
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f55a5609ec3e116426623acb3022d0b298d792c4fd7d6bdc34ca1b405520fd17
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ffe491350a06cf24020b644db73b568a8543130baef947bf6a76cc7c625a9dac

xiaobaotv.net Open in urlscan Pro 2606:4700:20::681a:eb0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

90 %HTTPS

63 %IPv6

28 Domains

33 Subdomains

20 IPs

8 Countries

5655 kBTransfer

7739 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xiaobaotv.net Open in urlscan Pro
2606:4700:20::681a:eb0 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

90 %
HTTPS

63 %
IPv6

28
Domains

33
Subdomains

20
IPs

8
Countries

5655 kB
Transfer

7739 kB
Size

28
Cookies

138 HTTP transactions
5 data transactions