xiaoko.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xiaoko.com/
Effective URL:
https://xiaoko.com/
Submission: On November 09 via api (November 9th 2023, 2:39:12 pm UTC) from US — Scanned from NL

Summary HTTP 265 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 29 domains to perform 265 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xiaoko.com.
TLS certificate: Issued by E1 on November 1st 2023. Valid for: 3 months.

This is the only time xiaoko.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6812:c45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 21	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	64.233.184.156 64.233.184.156	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
12 21	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5 11	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 7	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	3.120.100.40 3.120.100.40	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:4684:36f0:2036:f07d	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1 2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:13::6	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
265	34

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xiaoko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xiaoko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c45 (United States)

ASN13335 (CLOUDFLARENET, US)

static.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.16.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.12 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.100.40 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-40.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:4684:36f0:2036:f07d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:13::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-c0q7lnsl.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com — Cisco Umbrella Rank: 301	777 KB
69	xiaoko.com 1 redirects xiaoko.com	1 MB
52	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	290 KB
14	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r1---sn-c0q7lnsl.c.2mdn.net — Cisco Umbrella Rank: 419945	1 MB
14	gstatic.com fonts.gstatic.com www.gstatic.com	541 KB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	7 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	359 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	299 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	151 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3931	28 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 110	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 851 r.turn.com — Cisco Umbrella Rank: 4121	869 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	400 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	mailerlite.com static.mailerlite.com — Cisco Umbrella Rank: 16501	6 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	715 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 755	732 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	613 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	539 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	104 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 10244	408 B
1	w.org s.w.org — Cisco Umbrella Rank: 2772	642 B
265	29

	Domain	Requested by
69	xiaoko.com	1 redirects xiaoko.com
49	pagead2.googlesyndication.com	xiaoko.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
32	tpc.googlesyndication.com	googleads.g.doubleclick.net xiaoko.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
21	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
21	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com xiaoko.com googleads.g.doubleclick.net
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
10	s0.2mdn.net	googleads.g.doubleclick.net xiaoko.com s0.2mdn.net
10	fonts.gstatic.com	fonts.googleapis.com
8	googleads4.g.doubleclick.net	xiaoko.com
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net xiaoko.com
5	fonts.googleapis.com	xiaoko.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects xiaoko.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagmanager.com	xiaoko.com
3	static.addtoany.com	xiaoko.com static.addtoany.com
2	ade.googlesyndication.com	xiaoko.com
2	r1---sn-c0q7lnsl.c.2mdn.net	xiaoko.com
2	gcdn.2mdn.net	2 redirects
2	www.facebook.com	1 redirects connect.facebook.net
2	c1.adform.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googleadservices.com	xiaoko.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	xiaoko.com connect.facebook.net
2	static.mailerlite.com	xiaoko.com static.mailerlite.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	xiaoko.com
1	ad.turn.com	1 redirects
1	www.google.de	xiaoko.com
1	www.google.nl	xiaoko.com
1	s.w.org	xiaoko.com
265	39

This site contains links to these domains. Also see Links.

Domain
course.xiaoko.com
go-camping.tw
p.ecpay.com.tw
bit.ly
www.instagram.com
linktr.ee
liff.line.me
www.facebook.com
twitter.com
www.youtube.com
www.cloudways.com
www.rakuten-bank.com.tw

Subject Issuer	Validity	Valid
xiaoko.com E1	`2023-11-01` - `2024-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
mailerlite.com Cloudflare Inc ECC CA-3	`2023-05-30` - `2024-05-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-18` - `2023-11-16`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://xiaoko.com/
Frame ID: 3D4448D30236E5BFB54EAE27C91838BD
Requests: 109 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 7B79DA85E3E93612ECC5D22E82A7001D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html
Frame ID: 39C259D64CCB410A1AA9AD57BE15769C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&adk=1812271804&adf=3025194257&lmt=1699533523&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540739682&bpp=10&bdt=1265&idt=427&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7412537564534&frm=20&pv=2&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=449
Frame ID: 33022D0F133335CFF01A5EFFF7539C2B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=768695558&adf=3605511025&pi=t.aa~a.3941172737~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1170x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540739692&bpp=1&bdt=1275&idt=448&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=455
Frame ID: 60A00860FDCB063246C26F09E08506CF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=4002941374&adf=2191032200&pi=t.aa~a.3455557231~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=3&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=19
Frame ID: B238E6F68FD1FE8FD3A8C08A6EEB5BF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31
Frame ID: C29E036808FA9187760A9283E70B1FF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=2645401415&adf=3049909000&pi=t.aa~a.2987483096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1200x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280&nras=5&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=34
Frame ID: 114F3AD62AD90535A831186133812AC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=2645401415&adf=3049909000&pi=t.aa~a.2631034329~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1200x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280%2C1200x280&nras=6&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=38
Frame ID: BBE4AB5FE605CCB73A32A4160F6A5900
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: C87A93E58B829D50437573532B0C2012
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 18FC3E51A67B04AA591895360FBDADDF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 552971960F02FACD40C76C1DC11F01AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3ABAAB2479AF95F1E76C30B6B162BC92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 71D1BD4C028EEBD13BDD98105EC1683F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNXVhX-4z-UKx15DLiG54RDtb2BZRk28oSF1LrRFIac0xsg8G0_-450Fe8swQIGEUaIok0Oq9NgOJiosg9AM2uk330fyhf1G5sACq2va7-IgAv7N5mSV2xAbk-DO_jtfXFRlYNQ5q8_C4fN6LHMxMzBkfbtiQF6oI74lBKG4uFGCBAhXsl4
Frame ID: 14A58AF14AF6465D656E6FB71C7A2350
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 777C100647F79E90208F8A625D6DA579
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM
Frame ID: 621D806324076CF3862AA113C4FE451A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 757F4A1F054CFB1A5599E39A009C2C70
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARjZjo7uATAB&v=APEucNWAFlSS2KsKVYTERGuzTYuREJzF9NjbSuSt2z1z6jlZkJxB5MqaFYtIUMhHd-jhyszKDGGYJyzffweCtKGC5O3sss2QLeubSQzY1y2GErWmAPQJ0SfcwgtbVeqtCAabIRMyOagtIRz49Ep-Yrwc7TJrJE1-SrU9yqxZV8gzhs7-gPssQmA
Frame ID: F8FCCAA0EEB31DA7E9416CC21F6205BE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Frame ID: 3C3E51F779FADFD7C599BC9CC6530AC9
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: 605C1BFDE437BE79340D126078367408
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5A689A1BF0747180D907DF74434363D5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8307D6A94754B25F7A78C7E6836C6FBF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=250&adk=278681618&adf=394435418&pi=t.aa~a.2333419348~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=363x250&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741170&bpp=1&bdt=2753&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daba9c157b91ba6ae%3AT%3D1699540740%3ART%3D1699540740%3AS%3DALNI_MYp4gp0YF4TTj5X8T803ZmQWmXOgw&gpic=UID%3D00000cbdafd7391e%3AT%3D1699540740%3ART%3D1699540740%3AS%3DALNI_MaOxlk-kBcvFBoVQfq7F__PEbbv-A&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280%2C1200x280%2C1200x280%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=11&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=619&ady=4533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&psts=AOrYGskFO-QE1O0Y17GhMHbq8iKHN8K-TTFIQ-wh76gpgNq6ZXXHU0qXE71icF6SrhuWcbZPA7kNCc_9k-7YDgDdzvLw&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=8&fsb=1&dtd=659
Frame ID: 3B53101F84EC0DA8FC6BB72E95647C14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe_g5gEENe2yZwEGPr3_vcBMAE&v=APEucNVMxCqX53FcY_JF2cM4cYnRPpDLqyoewbtcbUbRgik1VNwwPYMNq4cy-C7wc6Tohijul81pcofoPEmiRtquEvxvYt5ut90hwRuEDMAaib9UOaXqJRgYH504MHEpZ6R6Hwv1ayVZSGiUiQrYwBi-VrjaSJH4_KtCZ-NvPSHatHAxED-FoIM
Frame ID: ED512562BC6BBDC7B522FBB5973E1E64
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js
Frame ID: E07C3DD6F4DFEE9E1B98AA5839B9B0AE
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C0F9EBDBB86E1CFED3CA7BB401A44E6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E20DE1A2926E176BE3222273FE31D370
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C8A09FEB352A60221A7956B90AF60551
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9433F03B984837D3C622A97D2C284F89
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=dy4gCJJFh6&t=1&renderingType=2&ev=01_250
Frame ID: D6B671BD325B116073E426C03942BF35
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=Au0yo4DWno&t=1&renderingType=2&ev=01_250
Frame ID: 85EF652F91AFEFE0356B7E24B53E7A77
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29c8b4468e002c%2526domain%253Dxiaoko.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxiaoko.com%25252Ff13dd52685b88c4%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fimxiaoko%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse
Frame ID: EB07F007357ABF255F7B3E1D820251CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: 959DF9B75151F25C25DF67A2C116BEC3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: 0DDD90751C9682DF07D8D841C9C66E98
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Frame ID: BD77BF507AE5164CCE90EDCAF8D88F1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF1FD474271E254D6E1A41ED09D713DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACDCF599B087C0C67D09730A110E0F04
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

小柯玩科技 - 一起玩科技找樂趣

Page URL History Show full URLs

http://xiaoko.com/ HTTP 301
https://xiaoko.com/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

jQuery-pjax (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]pjax(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

265
Requests

91 %
HTTPS

63 %
IPv6

29
Domains

39
Subdomains

34
IPs

7
Countries

4950 kB
Transfer

12042 kB
Size

28
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://course.xiaoko.com/shop
Title: 商店與課程

Search URL Search Domain Scan URL

URL: https://go-camping.tw/
Title: 玩出戶外力

Search URL Search Domain Scan URL

URL: https://p.ecpay.com.tw/C2C7878

Search URL Search Domain Scan URL

URL: https://bit.ly/watch-line

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CbBwmwhNopN/

Search URL Search Domain Scan URL

URL: https://linktr.ee/xiaoko_shop

Search URL Search Domain Scan URL

URL: https://liff.line.me/1645278921-kWRPP32q/?accountId=147ddlmu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imxiaoko
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/imxiaoko
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/imxiaoko
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVd1GrdYnlU57SF-goISuxg?sub_confirmation=1
Title: Youtube

Search URL Search Domain Scan URL

URL: https://bit.ly/xiaoko_discord
Title: Discord

Search URL Search Domain Scan URL

URL: https://www.cloudways.com/en/?id=1013510
Title: Cloudways 主機

Search URL Search Domain Scan URL

URL: https://www.rakuten-bank.com.tw/s/ZqUs
Title: 樂天開戶領500元

Search URL Search Domain Scan URL

URL: https://course.xiaoko.com/courses
Title: 課程

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xiaoko.com/ HTTP 301
https://xiaoko.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://googleads.g.doubleclick.net/pagead/adview?ai=CdnyJBO9MZfWtDJCnxdwPo4KM8AeN49WLdJnT1_GXEufRveCVDhABIKDSmAdgkQSgAajK3JYDyAEJqQIQ4kSHSp-0PqgDAcgDywSqBP8BT9AAbsMzPbEbVaTjfWn5CZFKPZye6pZKAuMkjEDbVqKZKU3rKwzaKhJMMb6XhKWDSv6m4cwoB0vwu7zmm806TE6nlLvI82C-9TSylgiK4gfUZEbbJFhvSrltkgfUooqpquRfFefC8QmGvIDI_FyOgDjhcszXgJqNwlAZvpnTIVh4_k1NS95gZqj5KGIBFMffRyvETwQJ-otS8j2Ue92GKq1mmgFPMl4wlkozAQwEGEDkxWEzh5Ko-yczm7DGxbjhBquiSSrUisovfm5uIsCJT8cbnIx0pij8ceGGd2__g6Wa6ED4YgI3hdhcGV_X1eWa2y_B3HP_M2rP1W_cZ2E3wAT65sOxwQSIBbyg7alNkgUECAQYAZIFBAgFGASgBi6AB8C1o2moB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC86QbSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk8aHR0cHM6Ly93d3cueGlhb2hvbmdzaHUuY29tL2V4cGxvcmUvNjU0YjZmZTYwMDAwMDAwMDExMDBmMTM3gAoByAsBogwMKgoKCOS0sQLutbEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg2MjE5NDc1NDA5NzYxODIYAA&sigh=aL032YXHjj4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNJPfJSQil01PNkXjnvtOGI4loXID0xYKT6RCiikmlctUbkZAJKGB1ZTiVu5T_W2AtMrkS4g_sQx8le3BErm3PAM-sU27jou4SDS4YAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210684315756694328137%22,%22debug_reporting%22:true,%22destination%22:%22https://xiaohongshu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852960552%22],%224%22:[%2211-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211563849151520030081%22}&andc=true

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBTSWu1fPIyWra2mfKQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECc_3umja8BXpDwfZpTbE70&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEClkYVrNbJl1RCVQp9am4uc&google_cver=1

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

Request Chain 169

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBW.39yzgmWcj8pGuWgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1&google_hm=2

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

Request Chain 171

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Request Chain 177

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 199

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ1CF8mGMZOtHFSqaYjtzUo&google_cver=1&google_push=AXcoOmTtwtRbb0n9eyvRS5LYDmJBxp7t1ISUkWq1VDQAhXe72EHOrdRG6z_HrEZDY-jJGCr2Rcb5_dEbzS3HThD2OPWU3qM1Q0wIsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkxOTk1MTk1OTI5NTYwMTU4MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBtXMeZ-osRFePCrxMkI1fY&google_cver=1

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBIOlPLAd5RYAW-cWBDRlHE&google_cver=1&google_push=AXcoOmRF2M6fkkCV1U1Dm9pQYFiA5e3l062icFSHphxDDQAeoyMo0R-MeaHaKkLtCpRohxdKZd0d-QYV345GjIKppy0hjfgPHrvlFCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIOlPLAd5RYAW-cWBDRlHE&google_push=AXcoOmRF2M6fkkCV1U1Dm9pQYFiA5e3l062icFSHphxDDQAeoyMo0R-MeaHaKkLtCpRohxdKZd0d-QYV345GjIKppy0hjfgPHrvlFCA

Request Chain 202

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPQ56rwjfeGhYVlEyOKrtx4&google_cver=1&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_5i0O1Qn4hmcL3yZ4mWfs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_5i0O1Qn4hmcL3yZ4mWfs&google_hm=YGbMfKNSQXSF63LmtRKPJoM

Request Chain 203

https://d.agkn.com/pixel/2175/?google_gid=CAESECHFqhROHs5tN7a3wl1jQv4&google_cver=1&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8&google_hm=Q0FFU0VDSEZxaFJPSHM1dE43YTN3bDFqUXY0

Request Chain 204

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKDgT4nkQJ9uwlRGgdCfHj0&google_cver=1&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0jKPRj8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0jKPRj8A&google_hm=eS1rMFlLelhkRTJwRXIwak5RY2VUWE9iUVZ3R0tJSkcyNn5B

Request Chain 205

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE3NFGtgcPV00rcyiIV5tAs&google_cver=1&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTeJ4w--Dz2wgksi3fk-Pj4hAQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE3NFGtgcPV00rcyiIV5tAs&google_cver=1&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTeJ4w--Dz2wgksi3fk-Pj4hAQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ2OTM3NjkyODYwNzc3MjM0MQ&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTeJ4w--Dz2wgksi3fk-Pj4hAQ

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1

Request Chain 210

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBW.39yzgmWcj8pGuWgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1&google_hm=2

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEHknCtvesLV8RfhgSJ0c8c&google_cver=1

Request Chain 212

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Request Chain 230

https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29c8b4468e002c%26domain%3Dxiaoko.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxiaoko.com%252Ff13dd52685b88c4%26relation%3Dparent.parent&container_width=363&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fimxiaoko&locale=zh_TW&sdk=joey&show_facepile=true&show_posts=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29c8b4468e002c%2526domain%253Dxiaoko.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxiaoko.com%25252Ff13dd52685b88c4%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fimxiaoko%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse

Request Chain 246

https://gcdn.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/97AB511A1D2D869417ED4FC904B56FE02F51A43C.3B995E7FAA7482283522B5E730D0C5E4098520B8/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/542537113219B49D71358E26708471BAD0F3BBDE.50AE688565345B1B751AD371FB71837E9625B7A4/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4

Request Chain 252

https://gcdn.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1C9FDE997B19FC43A1257CD8484F6A74464A8370.94B608045F62B13D720169A6834AA257D234D8D3/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2185072F3A1FB4CA5E739F5ED762C2DE18F6D12C.28FDEAACEA8D290DE1CFDAEC7519207004EDA469/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4

265 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xiaoko.com/
Redirect Chain

http://xiaoko.com/
https://xiaoko.com/

157 KB
30 KB

1225ms
1176ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29104e63e90821f3d1148b38d19af41d995a1d4b0168d251d889f5c03be7abb8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 7027
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, s-maxage=2592000
cache-provider: CLOUDWAYS-CACHE-DE
cf-cache-status: DYNAMIC
cf-ray: 8236cd67ceb81976-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 14:38:58 GMT
expires: Thu, 09 Nov 2023 12:41:51 GMT
last-modified: Thu, 09 Nov 2023 12:38:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e3GWrabTfolqJpRCECU5rCXgoJOkn6z2KHny0lSXeMTzyuPAL1GVMi1YnjmvjyKQlArbyLXes93TbJa9vdF%2FWyAkRPxO5ebXK%2BEvTPnQ4ETLwsM6gFpLEHjAghAcNC9rdFc5AkUngyw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

Redirect headers

CF-RAY: 8236cd67491e92b7-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 09 Nov 2023 14:38:57 GMT
Expires: Thu, 09 Nov 2023 15:38:57 GMT
Location: https://xiaoko.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGph8593I8Hk58PwpS8KmWfYzS1JREMOlRP3Bf7Iu%2FDBjgAn3LvowGLgtVR%2F%2BZU5gYloWUv83mtpaIjPMWggtfhNvbz54tIMap4D%2BTEy80eQK023vKIwyxGgweBBdtPM%2BHiWOVOPk8FR"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 sgr.css
xiaoko.com/wp-content/plugins/simple-google-recaptcha/ 228 B
498 B 34ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/simple-google-recaptcha/sgr.css?ver=1671287436
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a95abda660ba5b3d0465459168d211ca3fc375430d0ae0b1440b27625a37f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Dec 2022 14:30:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147457
etag: W/"639dd28c-e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l80E4VaXWWu2sv43zpZBjN7CEYFrggWP41hlGJenpySMHTIG9Dig1VWsRxO6xcN4Zr2bkwPKI1mk1HULeg%2FQ6NAugx92aJkbFbfIAzuXiBQnd19%2BkK57bQx9Z2T0BQxvxaS5LHEiNxO5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a181976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
xiaoko.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 37ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 May 2023 12:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"6468b8a6-1732d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kzzWAIAE5UsChkvyQ%2B%2FUQWpWTxCwALKUlviP5ffcx4S02uokmVnhaGzLLFmTgES4qyulBX8R%2B10JuSJ9YrBgGDmC0RiNMwz8vlMJ0nf1xhxELl4oeqJnAYSL%2Fj%2B6IdEya2I9NIqXjMj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a1a1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wc-blocks-vendors-style.css
xiaoko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 10 KB
2 KB 34ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=10.0.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d38ebe31a12e6c88de4f40af63dd23841c9879f168a8824aa475029ef59dd1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"6472afa9-28c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vS0mNoItuJvnGDKpqSXsUwYR9bzoNYPdq0oAxcE2FhJq0H03LxZeT63qQWp9%2BF7ZQx1mF1gHGtvp1HiTNlYbMntXOGVkzcF3KSF7BLDFvOZPrWgTVwtRrvzEeJJSRbWoU2k3IGDP%2B4%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a1b1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 wc-blocks-style.css
xiaoko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 259 KB
28 KB 40ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=10.0.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f03f3be43587f9af0e5a0ab2d1ae2185f4fea5f0ac7223b291194eb2a04935

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419153
etag: W/"6472afa9-40c82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiFUa09dOozAKS1bnOM%2FRm7Ye%2Bgs6hQETTP9MLAY2kj1HE3q8jSuOGlHLq80cvwcTT53wsL6gyZa6JZSziSXvFOvketp3keWWIrdsmAELQKTLSFzdyPp5SgPCvPI5fogoJ1RuK7fUlgm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a1c1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 classic-themes.min.css
xiaoko.com/wp-includes/css/ 217 B
471 B 34ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 17:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147457
etag: W/"63b9a5b4-d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJhwL%2FbA48%2Fy64MzZwAkLi9Ml8ZOtMIS6bcPvjZMmhShEBpu1p3hBpUn8UU%2BKsIE4puromwdlU7jvR85T%2BwBx%2BphPKQ9oNfFH31FmsJstfEgFvalZaI0MFXXH9PfEZ58X6Sijhx1Vr5I"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a1d1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 mailerlite_forms.css
xiaoko.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/ 783 B
559 B 35ms
30ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.6.13
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7641e858f2da1154a4ee1d7d786a4de42d43eb4d862b388cf1346eba11e2ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:09:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419153
etag: W/"651b85fc-30f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKYxORb6QfN0JWqV%2B9FXCJ4%2BunqXyOjex1EQojnfKUwyEOhtoPGJsGQITPwIrvS6iFfQHS8h4TZhIXP4BRutTgNBXb6ambse34JVOhCQ0FxhsoCj3znvOFrT3mCcWaIOZbD98SWxbnWm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a1f1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
xiaoko.com/wp-content/plugins/woo-mailerlite/public/css/ 61 B
467 B 39ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woo-mailerlite/public/css/style.css?ver=6.1.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e0a3a013e5a5ca3a040c9600a14b4236e5afa1344f82507e2112e4889551bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 00:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23113
etag: W/"65385cf6-3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxSktb%2BNh69zIG4Z%2FjVO0y0TLA2vVV%2F5a4nTbQcwUY5rFKOQtN2FksMLTaIDuApWjGWNqYWH4gSaRKIt00OfoOz6HgAoUsyaW4b6lvm2E6%2Ffb05ZL4Vk0uSM4%2B767aNbIhhbqRg%2FtY%2BD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a221976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
xiaoko.com/wp-content/themes/soledad/ 695 B
729 B 34ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/style.css?ver=6.1.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827ec62dc91e175035048cc9e62abfde1245c380b4016be58c26f8f496264e9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147457
etag: W/"651b8ac3-2b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPmO4Ur71zRV1wAFcF3zNQMXnmmby%2BoNWCZda%2FwNR%2Fdh6w%2BwYYEt5AcsB3XtPv0nAqxJSJFlI6Q24%2BBeVi9qA0aDIw%2FZscN0J2UnafJq6WoxNs8aEq6V52fZN%2BvPLngs32AqiLpmozvp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a231976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 36 KB
1 KB 144ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.4.2

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab4318b34ba8bf4766cfd93811508a5f82240393443e369a774fdc1580794281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 14:38:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 14:38:58 GMT

GET
H2 200 notosanstc.css
fonts.googleapis.com/earlyaccess/ 1 MB
293 KB 144ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4104998ed3276277cb74a9d0bd265900e3d65e05d8828d7557559fc308e847da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 14:04:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 14:38:58 GMT

GET
H2 200 main.css
xiaoko.com/wp-content/themes/soledad/ 1 MB
148 KB 638ms
633ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/main.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd403951619d5e02b88509296956bc45c48a64cf29970dd15368e5e8cad4003

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23113
etag: W/"651b8ac3-11e319"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Yu%2BXBU2qjKVJ36jbry4blIizoQpxP7Po7dKmwYyT5W0QHFqMUtIs14Nq2vvXrqTw7rWhozTdfbwCmmf44Gbophuw46bET7mtxQM84nUJ7eaukph3pUTDMwT7lyykwg%2By7d840wWmW8B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a241976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.4.7.0.swap.min.css
xiaoko.com/wp-content/themes/soledad/css/ 30 KB
7 KB 37ms
32ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Apr 2022 07:47:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419153
etag: W/"62528b9d-793f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEjbUpkASyP%2FDrtpjAOLax%2FcFOFyTu%2BdLvD%2BE1ErDt865xQgg9sxF1pzHl0M0wX7FWSBis6Dx%2F6BrUFEaRhi6LNjIBPO9UHISPct50luOJmpr6N1VEUyUCXTJpavmNlJtVGLhAWLiOXw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f3a261976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 penci-icon.css
xiaoko.com/wp-content/themes/soledad/css/ 6 KB
2 KB 658ms
654ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93a269c74c265916e9b074794dcff2691bc196dcc39d2ab0ae8af71269df569

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147458
etag: W/"651b8ac3-16e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKpMcmHFNtdy4ZI3rimxfXA1cz%2FrRiFoKsT4nl2s6aVEA0lu3oPKVu8SaTQzc2mfBaJi6H%2FooJblHj3t%2Fb3XKQHQW27N0yq2A5h6l1u%2FD4Jb%2FN6G9U7M26RwICKRx67JtX4oYYJKQY5%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a421976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
xiaoko.com/wp-content/themes/soledad-child/ 359 B
485 B 659ms
655ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad-child/style.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47417194b984e994b27ccc53747f5b0c92181aaa81082f0dfe7b11fd6a426344

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Oct 2021 09:26:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 85456
etag: W/"617d0fdb-167"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LNnaN9eIY9DDpHpedZl1cOkXzJUZB8vc1zaWfoH9Hva5enSrvtjRsjnOQbLnTredC7nhdXMPqh2oqbGci6RAKrBTRGGux8jBUwpZFLYkzQ1GflmzqyPlHprTOzpF2zypzR3MEabqxQd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a461976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 social-counter.css
xiaoko.com/wp-content/themes/soledad/css/ 4 KB
1 KB 656ms
652ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/css/social-counter.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5847f348a4a136d00816c7b18e42cd0f67b762057cb00a3e404abf6dc5268c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 85456
etag: W/"651b8ac3-110e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMSWaZfT6tZEuZWuX9M3%2Bao3W3ryLZ9fCzaTkuH%2BMYWxI%2B9mC98UcSIXDrWcMeHPtKB0rf7PVRJbnPKw%2B9sQF44Rg762O9VfqoALkoABoI9GiZdVO2bOburTq2XawjRuguaA%2B0YjK%2Fi3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a481976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 elementor-icons.min.css
xiaoko.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 657ms
653ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.23.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"653ca00d-4c4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwep8tbZCDC5uD8j%2BtOvlUEJhmhHoQXbfvzECmJqzB8ZgIveB6QjFijRiQNrsI0h9T0dz13gUwxUsItTl2mMbF1HE4v4LUZetfiE9Zi282fOeHWiH3xkYWfKfqQIMW6dOhx3u7F9lSp%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a4a1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend.min.css
xiaoko.com/wp-content/plugins/elementor/assets/css/ 167 KB
21 KB 737ms
734ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.17.1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c4f4a482be8e23b4756169087f0d2f33a890e03714d551bddd754ba8fd1770

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:45:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 160661
etag: W/"653ca00e-29beb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGFKIUlaR%2BdzR%2Bn93RHN15mTK2dvdGzD%2FS6LjjwR0g8yK0ESxmW9kStzAkrEmpZEzqmrGdPAa7DscmcbTJF%2B9%2BlYslVeXohuU9ruj7RluXO3LXN8d%2BZ7OeFtGfVz0FKc9Tkt1G1d6fm2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a4c1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.css
xiaoko.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 657ms
653ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 12:40:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147457
etag: W/"64579c3d-324c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNoRi6vcvw39QQIAbYmpXcs5h4M3EduGX6fEo5b31OZdEFfKII5glSqkGOKlMOYF8QArRxZlRvewgefy8aTf7hO0M8Jaa4zTXY9fq%2FeySgQuMB2lvxLg5jWcSDx1B0BMKhSfZDqwGtQ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a4d1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 post-5020.css
xiaoko.com/wp-content/uploads/elementor/css/ 1 KB
694 B 657ms
654ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/uploads/elementor/css/post-5020.css?ver=1698471964
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3d8872ffcb0f4f9bad68c9292caf3333e20e1d87c45e39b00cb922a1b5e889

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:46:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23113
etag: W/"653ca01c-48c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j43iw0Z7OejFkt2kMQ9Ll%2BJAdjh3jhnTKE9%2F3Me%2FEf5b%2BjSZJU%2BDP35zFkoZCTZ%2B4f79wQHdfiZOJ1AYvGTTKLhSX9nC6Hbi0efRPDkdVqekSKlYRuKtI3IZ6XWfIuLZDcf6EmeVXoY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a4f1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 global.css
xiaoko.com/wp-content/uploads/elementor/css/ 9 KB
1 KB 656ms
653ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/uploads/elementor/css/global.css?ver=1698471965
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:46:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147458
etag: W/"653ca01d-2503"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDEmy5%2BFYnWf3ZHYlnecAN2SG%2FfLsROVmrsjqGGXFYb7lMbqmV4SMPmHSoEGT0%2Bahmx%2F6IvLl298D%2BaD92H5TYTMAdvVTJZ5ImmlSblvh09R3ZD%2BLw533CFz9NlROeu2esC3Ai1GKg4c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a501976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 addtoany.min.css
xiaoko.com/wp-content/plugins/add-to-any/ 2 KB
911 B 657ms
654ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 12:10:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23113
etag: W/"64d6252d-644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzmseKOHd%2F7T%2BObjKo312cwL2LFgzUKs4%2B0vtgVrqS4VL2gwU1SgRSmg4dAHpiDK2ZizOh9wxSjfGBoXHadauW%2BIQlzMpc1g4HOEAttvtWlmJYNk2pmDqjyoIMzAnJuLdtb0yqaHcGqf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a511976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 woocommerce.css
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/build/ 69 KB
10 KB 736ms
733ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/build/woocommerce.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989e62e6e4e9b311729ffbd6032741e64511c2d64dfa7f89ee9cae4e28750e45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"651b8ac3-1132a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvzXa7ULK7yw2xKmmRGi96VR8YdN4M7YNijehzXbqoUNlpZjfCDP4o5AIgg17wVOgpcVQqNXfKF1qU9iN%2FqlyJBwsA%2BQIE8P%2Bq5fB4pmQRf0f7NP8gRdomC5VAoXP44U6wnjhPFrUi18"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a541976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 woocommerce-layout.css
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/build/ 23 KB
3 KB 657ms
654ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/build/woocommerce-layout.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3e29bf4f4c40c0191d1c06c200c7462e99ed795976c565ec1f951e69315128

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 160661
etag: W/"651b8ac3-5baf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgqG6TVecydY2ZJJu%2FUKAOg4aRuk%2FMS%2BPHkjb28ba5DRp4tUov180IGhKD103GLol5oUmtdVkgM8ir7pETcUC0o8wEPUkvLpWnspi9OCpcHUlOpBgZsrZd%2FOFvs7fb7XN0XlX6E8nxRE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a561976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 penci-woocomerce.css
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/ 281 KB
39 KB 737ms
735ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/css/penci-woocomerce.css?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344986466057284b961f47689bbecf59c984084b59eef94bba9db28514627a20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23113
etag: W/"651b8ac3-4624a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Akoi9%2FVxR5uzBP3QsgDjMULshM2psP%2F9VqjtQk8IE%2FHikZZj5furNDrjqqicrlGkCob84arvIVeQJvhgH8CodFJ1LE3EcfLY3Qw7o7eJxY0gbjAJmLXJ1eu%2F8WD8UQDDIq96NBvX4NO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd6f5a571976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 137ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.4

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 14:12:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 14:38:58 GMT

GET
H2 200 sgr.js Show response
xiaoko.com/wp-content/plugins/simple-google-recaptcha/ 1 KB
792 B 657ms
655ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/simple-google-recaptcha/sgr.js?ver=1671287436
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 234443c5e8844e0a1ff549111e5e0313346b828aa05f6432af1ca750d971a1bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Dec 2022 14:30:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419154
etag: W/"639dd28c-53c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwk7s5TrStUlW2nkkfZm0yciCGdJEo2fljcgRZImU4mhGgXAinmEsTJmhUajz7R2Hhv1gC3yla8%2FtU%2BkLUqE0ypSRZUnxZR9FIPqxiF40sOgDWuM42Trjn0blxxfi0JXsuuq0VRRaJE%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6f6a591976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 97ms
41ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20973
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03396a6543cd35a0e73d2b4de150841b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev66rsrQQJyAZClOlk9VptMNjEgGBoVl523%2Bfsm7PsHOL%2FQwrTu4yDF3T4En64cp3nZvOcLhKP2R5Ytmhrs%2FnxYTr8jJO%2B0SLZA%2BXPbzNEPdeNTmfbjiomuHknWq0uX1drnJ6MvU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8236cd755ee965dd-FRA

GET
H2 200 jquery.min.js Show response
xiaoko.com/wp-includes/js/jquery/ 88 KB
32 KB 736ms
734ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 17:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 147457
etag: W/"63b9a5b4-15e54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4e%2FitPExvxt8hezFi4Xe7Iet7wNIzwwCpX9Kvgudz32Ft%2FljecZVIDrYJdFYrNnmoO2Qu25nqoam0c37K%2BgcgeRKppje4SFPRZGrcr9KktK3QqjwN%2FmB6TI1xZaWLO%2FiRZOO%2FbcHIUo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6f6a5a1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
xiaoko.com/wp-includes/js/jquery/ 11 KB
4 KB 734ms
732ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 21:21:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 419153
etag: W/"6109b353-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oufyx4jCSfzbA%2FM6XKYxtKTuw0RirjXalh4ol6Jf7Tr9fPenE8X%2BYW21kIqrK48TKhizHEY9rfJGhxwsNfqBloEaNqE6ORi22%2B0y%2BaEse5YI0vtH48u1Xhe%2B0%2F6KohyHFgYtCK8yfu9S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6f6a5b1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 addtoany.min.js Show response
xiaoko.com/wp-content/plugins/add-to-any/ 129 B
542 B 1788ms
1785ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Aug 2022 13:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"62ea746d-81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cNH7NTs57Mg4RgZO6%2F9m7JnnO%2FpNMACvbkKR%2BHoLrdixkLiUKvSPwQ1ClTQXKvEtT528whHg2IYACz5bhJIWs0qA3G1IaADu75A2A224bpO%2Fn5b80TCrGyM9N%2BXpA6cJHXoyhSGg%2Fjd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff3a692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 breeze-prefetch-links.min.js Show response
xiaoko.com/wp-content/plugins/breeze/assets/js/js-front-end/ 864 B
780 B 734ms
733ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.0.31
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 85456
etag: W/"653c9ffe-360"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNMRP3g%2ByjvtCAo2NyjziTi1EdO4pNia9%2BRA81BI1jvvDYbGjCyAxKXDKKBaTuYUVtBYQejY1JM1r8g8%2BiMz5QuW4SPjXznmIE4oA4hLgTcDmp0wIDFYtyCDlsR3%2BqAXczPnGENf87cj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6f6a5e1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 89ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-47922823-1

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b949a5ef67b2700115435765dbf8fa5abec8e68061771a80cfdb58e382ea4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70640
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 14:38:59 GMT

GET
H2 200 public.js Show response
xiaoko.com/wp-content/plugins/woo-mailerlite/public/js/ 2 KB
777 B 736ms
735ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woo-mailerlite/public/js/public.js?ver=2.0.3
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6299f78fd6a0c8b37dced1cf3d180ca38241e03f434d72efe98794764351f8b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 00:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"65385cf6-77e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHkafczBwARJoOv6zPiS4DBnjO45dNOp1b5NK814Ubrp4NwR7OkQfy0QDG3Wm6D6GBeLURvCcR3mzpagU91VLBuoHyvhY9GJjHq8dOiLXOuWGcJiWowxtX0LS0Ue2RyOK%2FSnYFl%2BgPY%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6f6a5f1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-emoji-release.min.js Show response
xiaoko.com/wp-includes/js/ 18 KB
5 KB 1788ms
1785ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 17:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"63b9a5b4-48b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9rAcMHL1urSNOzDLaCXNQaR95KHGF54w%2BahlqXsHdoYRt73L5ShHhf5XtA0yJ%2BvL2%2F6rUfFC39k5K2456AvD7TzEzkR6iW6FN5JExPldgUUK%2BUtqw3Mt2hBBYjXvt6%2BmSWX%2FKDyGtJq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff3c692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 woocommerce-smallscreen.css
xiaoko.com/wp-content/plugins/woocommerce/assets/css/ 7 KB
2 KB 1788ms
1786ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"6472afaa-1b83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYJ1VpHMPBN64BBefkkYCv2dcnVo4zO30%2FoPRWFvaahT3k8QQ7j0JaRlQR%2F9OsdLKEv%2BomZqyOmxLy%2FuqGEwXQsWzEEcbhHqdEHhVKgAeHfwSY4zfNRjryGGKRnV7XO7nMceJfZiLLtf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff40692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 221ms
169ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGWE9JN3KM

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e0d5cafed1cd3b92fffcf4bdf7661473212dc0d9ffc20fe21f6ccd4f6b491a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 14:38:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 171ms
118ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8621947540976182&host=ca-host-pub-2644536267352236

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1efe339eefda2e0d1fc69c5942f9ea2f7703067133ff63633f2412bb30828e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52426
x-xss-protection: 0
server: cafe
etag: 3864577090880384815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:38:59 GMT

GET
H2 200 xiaoko-officail.png
xiaoko.com/wp-content/uploads/2022/01/ 10 KB
10 KB 705ms
705ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2022/01/xiaoko-officail.png
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca5b93de28277c9c88099130c51afb0d30de723c657c6a055ff51f9268c1196

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Jan 2022 08:03:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61e27fd3-271b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEITQjjfN%2F4EJ6zFCDAggHCjVDSGmcKvaFE8eiDCEourVl%2BcqUmRykQueGOYjVzweaOAsGrHBObLHut%2FSUkVM%2FKfTMb6UKfSDBZXvnd%2Ftls96NxlwS1HbuJUS%2F7zucA6WgJSE8Yygmti"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd6f6a6b1976-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10011

GET
H2 200 1f4e2.svg
s.w.org/images/core/emoji/13.1.0/svg/ 584 B
642 B 47ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.1.0/svg/1f4e2.svg

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

b8fd5d13b84d5f3e43e800f3bbc3fe0e362b9f062690ee944c48c5ce7994474b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 18:52:47 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.blockUI.min.js Show response
xiaoko.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 657ms
656ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 23112
etag: W/"6472afa9-2521"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSYWUusaZ%2B%2F4gJkjXtXj4Sj60psf8bWIATsrph%2FMGHs%2Bmu4tcBDD0g71n28WhlVopgUQJoMyVP3RGrcHQWIG6FrNQpDm0TGthuiIChScc9xIMnGkAWrIRN9Bbh%2FOfV85Fjvi%2FHfFhNOf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd6fbada1976-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js.cookie.min.js Show response
xiaoko.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 1232ms
1232ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6472afa9-72a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40akKPd7HJwo%2FXxhyp%2B4C%2FkKXSEdywhIZHo8ni482c9WgP3SNEkSZHUppgxAnmRb0fIdLMmi8gwi2jQfp%2Bqt8WsGfmJfVo5NqOmUgE%2FRXoKm%2F%2FHRH1rxYLs0DN39Am9mOLI%2FZY%2BmkLXX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74cecb692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 woocommerce.min.js Show response
xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 1232ms
1232ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6472afa9-85b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApdoyYkiR9%2BLoucyaI6454wyHwvhBt1VrtjHGoOAnSsYm1yfecKRRgfPOyp4Z3F0uSmNiDt0XO0sK9eARe5XeVq23TDhxhRRwI9acoYRkdg2SW8L1o9iXgRq6nu0VcbWGyugDI4ZLA2z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74cecd692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cart-fragments.min.js Show response
xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 2646ms
2645ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6472afa9-b7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN0hqMoNZVU7%2Bbihe97UQod%2BfrMhw%2FdgpdHjW2kdAPoK2KiNu4N5wyntzRiD6ta6TEEdNmlOzMj0BsDmR5xYP%2B2HaU2EfV4cX9GUyzejAC1Vt4mCzL36Rm7voMuZ2wLhBsmXNLNV1uNo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff07692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 penci-lazy.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 9 KB
3 KB 53ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/penci-lazy.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6671249683f30cbeaf1362a61f8793660a1ea97751cc7f4a614f585fa41b9d91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17181
etag: W/"651b8ac3-228f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsfkX6q%2BxqWBOoImuZLsqwp7Nf%2F6zsPtMsyypJG2Utaw17wDB7B5bKl15GS5GePtxGAXhShtRX9J%2FTHXRPOulJMloEzY%2BcaKVzZcmTa4npBqUGmSJL1lHhODQomjlZVAFiMOSkElj1DH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff19692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 libs-script.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 165 KB
47 KB 56ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/libs-script.min.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7707208a1c71243cb764c0a95bc41ce8b0d2a316d2d01b3b9678b2560cdb06d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17180
etag: W/"651b8ac3-29331"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktL%2BhTxc5omOMM2km3HTQSJOf7Vtl9yFFLWjgdOCdlYzUefTUxcTBCxpTL7BfpYhQi4ejK6AJe8iTiY2xwCJ8Unas8NOytXZ0IN8UQ4fjYgiv6oI614leEGaLiYYRzSzEGyQPqHL88rQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff1a692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 86 KB
17 KB 505ms
500ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/main.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f050c86c66e9b11e28247de8549e2367796808ed7171d146d8d3768056ceefa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 106775
etag: W/"651b8ac3-15687"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6auq6ngaEo3fJxyQTmm9H8aJNrE4Zlr7fodbVlsaybsCTfx0vrQqHIBIVLLOKcqxFXXdU81Iqw07AP%2Fo0ZR5LN2ejHYec1gfEH0p3brBpNndHVP%2BKA6bRpHOgu0F5VdhIX7iHYOBfsej"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff1b692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 post-like.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 1 KB
898 B 722ms
717ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/post-like.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52926
etag: W/"651b8ac3-459"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyGeBs%2Fn9pCjhIJd%2BwlocIFFYkKH7jKs9f71h7eSa2GE2gFdeDePcwWVXDTL3k5%2BlNP06NE137OJ6UkyctQZvgNKQnn0crCHwvTtLrHUn35IywBIjDBEqKEq5%2FF4fSw556pVLYKpeg%2BN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff1e692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 more-post.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 13 KB
3 KB 739ms
735ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/more-post.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fafce064f0e83f74f54df00067b34b1255b62c9b0856d16057f5339439bbb110

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52926
etag: W/"651b8ac3-34a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlufpKS2YQpOEU6HkzPuUfQZItE2%2BxEU6L%2FUl4IgdkQ4pBoUyLxhrG2%2F4PEoyJxZfGvCHzbubtEkR%2Fg9%2FsrDJ6hp6TsnJ9Dxm1DyRXea64IFiJp2idNZEOWq1enUu25MkbjHsRw%2BcNtz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff1f692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 slick.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 52 KB
12 KB 740ms
735ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/slick.min.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f183d6af3e88171a4bbae9a2e77f90f55b425b013d057b80eade59f96ae5d0d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-cfbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX6keiJEUEhLDVRjmPwDi1SeHBxDYfqpntpJp5KcvdRIc5criFnklSZ6uPupDofnPFVvmojbNUbEAHC1vHYN2BmJ8nNL%2BRSEHxKLyKdcsGiePnjxmHozXHNrvkeuBrEN759sv9vMvIMh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff21692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.pjax.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 29 KB
9 KB 35ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/jquery.pjax.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c517e4903a0e010903fed9de82687cf9e382baa4cc9a8f03ed006a12c084df1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-72c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J11aKWJ9%2FshGUKcI6n5wBD1Xvo6EwEbKr0LsFiSmvs1nb8fzPnh4XaU1CYuKbcrnqCBL92YdrvZc9ZlxbN2b0vprRZcjc8WGQnOrDo8vmZVLPdxDhtVLN1G3FeVcJknQOBNmtMj95HE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff22692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 popper.min.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 18 KB
7 KB 1271ms
1267ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/popper.min.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7688bd055ffffedd083a935cf6e0ccb9c53c1cb738a5a70d66902c2d7d8aec0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-487b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sa48bwehuONbrjIcsuVAuCWb6COibhqXWFNrUZ18H2lP202h4TU%2B68r4dm5t5cSGlH6%2BQez7ssUMqRmOiIgXnVquNeweOYez6hDxscihAQpNPYkvSKtvZ0qR%2Bkk%2BILgiidnAwqmsyVGH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff24692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tippy-bundle.umd.min.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 25 KB
9 KB 1293ms
1289ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/tippy-bundle.umd.min.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830b465d179332970ad5bde0a3cb08c3cfe9d0fa591e42a0ea954fc1114b27f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-6278"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OD96JQoK8FRnWtdhYLCOjshPF004RYOYhC1HGwzHynDO4KAuWUleseEomLSWS7oUg5eya74ses8Fug46PG5S2U8rgpFr8m2NtDSJ9yk1GKjDUkTrB6HZhz4Wiv3TPjwIHBjN%2Ftfk1EPt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff25692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.autocomplete.min.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 13 KB
5 KB 34ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/jquery.autocomplete.min.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61e23732887cfaf95a6f7b9d7b8ebe3e2e0785d8533127898f2603d29515a41c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 106773
etag: W/"651b8ac3-3416"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJFtZh%2BhQB1tz%2FHHHvs1tN5TEGus2FaZbSFd0IZo5W6WyKOnBd36EhBeANDY98DnTIUyLwjLnqVehrGNfu0WzVrRb%2F82zYZkkFCUy9t%2BO6zNsa3EDCf8UrQGSs4rT5le%2B49etazcxuye"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff26692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 penci-woocommerce.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 112 KB
20 KB 1317ms
1313ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/penci-woocommerce.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb352ed74627a066db83b132b5de1e4a90dd0c191cb6e527c0189ca2748b76a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-1c016"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFhA3vFWNrTdeIZmUbmW%2Bb8%2BoDUl1ranVjbcqy6qH21QA5U8VilVutikhI%2FHwbKB0w%2BD7L0x7qmohLxP9wADgN5iFkNSMSqhSznJPz5ZfLbdSRbwrgZCQJ%2BbyvHRyNcnHiWmfnVSFH1%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff29692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 underscore.min.js Show response
xiaoko.com/wp-includes/js/ 18 KB
8 KB 1358ms
1353ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 17:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"63b9a5b4-4991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2fh%2B5ehEsRdUwhWmbbBPxggHXptbxbUqK1aeB%2B1VlSBvEG3c7zYZ025QVIeZmi6Cd%2Fr8ZHGAzVOWAQWVsZwEEuHwXDKpsPuHY0rnwV3%2BdT7C%2BLyy20RtWOM1wSNNIDvqGGxC96tpfr2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff2b692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-util.min.js Show response
xiaoko.com/wp-includes/js/ 1 KB
1 KB 1377ms
1372ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-includes/js/wp-util.min.js?ver=6.1.4
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 17:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"63b9a5b4-592"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA2DPnCy9Woln45cJmXgF83MKQa9nRGWgcRauwtkppMeQ80zryPcL%2FgAI8dkE31ZDmYCGdt6b%2B377R3aLbaZPxR98Mt3Nd7MiXWNvNC0Htr6W%2FWkiOFlkm0VduzF5R2GTwy7EgG%2Fh7M4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff2c692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 add-to-cart-variation.min.js Show response
xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/ 14 KB
4 KB 1377ms
1373ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fa01fc8e93ce50c1dad096b125294f1f079f82d1e1df61520cb20f88eb359b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 28 May 2023 01:34:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"6472afa9-3644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Smb%2Fb8wcvDn2MQ%2BExLwyKYQZ%2Frnx7%2BoEqCfmW%2FJkY2Jen3xnqaKS%2BsLhOgQ0czpztICc1lcONpHbVD7T3II4UYQtvHqdPplYVgZGalOrLoZjkRUskhZixfLV6yyoVJUYHkEK%2B%2Fvo3KAl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff2d692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-grid-picker.js Show response
xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/ 19 KB
5 KB 1378ms
1374ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/inc/woocommerce/js/jquery-grid-picker.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f5db6196e0e410aa9d6a73cb58f239750b7d7971cc9b6f4d4388567aa3f9e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"651b8ac3-4bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW4fxEeS%2Fn052nD9z%2FHOTaZ%2BZGhGldVnm2ecTIFSpghRqsSzj97c%2BXEE2BjUEhnE%2BhxfrpzxBkiTu5fuVPO70PabtTvsKfBwXxeC4UQOWeeRtvgOP7fPT1We86PIV3jLdVbuE4%2Bi2HSr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff2e692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 megamenus.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 3 KB
1 KB 1378ms
1374ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/megamenus.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f5e4e8c7ae9dab40551e4772fc8164a144899355133482863576f2ed22f21b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52926
etag: W/"651b8ac3-af7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBS5g4ws1YdF6Yy0eNZeKDct8NWw%2FZ0CDC6ZEmEnJgRocUfiXNI%2BxBjNAUOQebWQO50yi4mkaGI%2BY37b5JuDAxVy931rGLiBKueDaQ3ZUMAwNjMv09xn%2FM661G1656FvHFJS9BH2usKY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff30692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.plugin.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 3 KB
2 KB 1416ms
1412ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/jquery.plugin.min.js?ver=2.0.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41efe18a7b0136a27c221ff5fd45b5ee3f197da89ea9571ca0fe0a4f31e7b9a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Apr 2022 07:47:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"62528b9d-d1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhJGOKMuUtRa4Amxuqzd7%2F8%2Btt58%2BVkoL2fELxdh4OIcaN0D5cb%2BJPOmPYm29OWCTC5zTC6z7gNnmSecHtKiEOhV%2FjZFuWiEeYMsH5AZTJhHh0d3Tc05BDPUfmQe0Hk4wuOYAV12W8G2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff31692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.countdown.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 14 KB
5 KB 1492ms
1488ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/jquery.countdown.min.js?ver=2.0.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb996cf9a6a3bcc18e9f70f4f7cb3e2f827d7539272676e2c08cc8347f9dbe83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17180
etag: W/"651b8ac3-372c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDHdFniA22T5m6rogKazj4Mvtw50cpG6Yt4IBjlqvlXO0y4v7NRN2npK5mvkEzttX%2Bz58%2FKQ4n4UhhmRMqbDyaR2IM6Q%2BIezp5yvGUbWmoMMsljFHjAu5hzfm499srcymGV5wuRr43Q4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff32692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 waypoints.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 9 KB
3 KB 1473ms
1469ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/waypoints.min.js?ver=2.0.3
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd976380d85b662813bb7dd4f94a9a78cdec54bfe774cd622918b1654fb4f5e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52926
etag: W/"651b8ac3-2291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sdmsMSauDcGNsRLRqQXJT9IvGjxmEXn%2FhG4Qg%2FhA29NxkO1hM%2BhwwGX%2BfM%2BlGOipGGJ9WmO5n%2FUS7wrnufJm8JROkfRDATRfL3N7SaMHuel9UKADN6XL5nAcv7kSoBMWRhHG%2B7qxjqX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff35692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.counterup.min.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 2 KB
1 KB 1787ms
1784ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/jquery.counterup.min.js?ver=1.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7772a4b61605d37556784814cb18711cfa00cf8f99a57c8c93246d13b89f6f89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 06 Aug 2023 07:06:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: W/"64cf468e-887"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SevhHy0zWK8u%2BFNax9ePa9wVB33AdzUR9snz%2FDZNnHRQW2RAn7xj4mfYtJUo7EpokLJqy8PQK0NGImfc8qDcEcaKtQ790dBS8%2BWs25%2BLcVp0w6Bu%2Bb7g61M5rMA%2B00SxvPvva5IYYb7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff37692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 widgets-ajax.js Show response
xiaoko.com/wp-content/themes/soledad/js/ 4 KB
1 KB 1788ms
1784ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/js/widgets-ajax.js?ver=8.4.2
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20cd247f89c1fc1f053ca44535a76e7917ddc2088c3215b21b86165457248af2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 106770
etag: W/"651b8ac3-ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL8HfTNJg12xL%2BXkAQSkOG3uasIDh8tE0FtH2AmKL7xczjpiRFIYPwthuSn1cxLrfDGlndYu9HoMfFfO0TXaw87gI7XTBEw54b1MAqIMHn4bCtPUV7nJjUBof4k3p3mNO4ElhpdO0LzN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8236cd74ff39692b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 universal.js Show response
static.mailerlite.com/js/ 16 KB
5 KB 90ms
35ms Script
application/javascript 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/universal.js?v1699540

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91f064edbc5c02f9fbc507eec846de4a78216fa34c1f11d228e8758f9f1b367

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:52:55 GMT
server: cloudflare
age: 739
etag: W/"654cabf7-4087"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=432000
cf-ray: 8236cd755fb3bb59-FRA
expires: Tue, 14 Nov 2023 14:38:59 GMT

GET
H3 200 fontawesome-webfont.woff2
xiaoko.com/wp-content/themes/soledad/fonts/ 75 KB
76 KB 1786ms
1786ms Font
application/font-woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://xiaoko.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css?ver=4.7.0
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Jan 2023 13:27:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52925
etag: "63ca96cf-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7U8qbWl57hMcTJxtLU9n4krARuYboVBQ0dbDsFPtxOyEbisDkOzAGRvRmI3QhueFEmzD8HGh7LNGFEqteckqTD1zb1IpAxwmq0e3%2Bf8Bcyxx5ozOoI0KWiRZvZ5w7BPPH9PU%2FgQbaZz"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd752f6b692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 78ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CRoboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap&ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 591594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:19:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 268ms
225ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 19:40:17 GMT
x-content-type-options: nosniff
age: 241122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 19:40:17 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24236e1ceb72ee64c657dc0f06f944c283e26fdbd21528c121c3ad65f8f7824b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46b6a02ec0a02b1450808dbe4918cd4f12b279d5df33f8f6ab7b51cf6d9bbf42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 177ms
45ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01eaa2dd259bac7c42033ab6a81d64c5fe9e287ee54fd422a10da24cee0f380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 14:38:59 GMT
content-md5: EN4GG7uFhAjgIkks8YEH/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: Aft5CFJYES9pOMKZiV7OxRC0gNKcf9emBUFcqltVMttHClVcZTmyxY9htu9w2doSL1ZEZBkBXCwHe3p3p6n9Qg==
x-fb-content-md5: 87fa28e5d2675e10e469635f30976d23
cross-origin-opener-policy: same-origin-allow-popups
etag: "5c0017e7e61836079eebddff3590974c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:52:12 GMT

GET
H3 200 penciicon.ttf
xiaoko.com/wp-content/themes/soledad/fonts/ 31 KB
32 KB 4098ms
4098ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoko.com/wp-content/themes/soledad/fonts/penciicon.ttf?v=1.1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.4.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e850610f3ac70a4c28326f934fa292bab59838b3ca2075c7c331580c72f99b88

Request headers

Referer: https://xiaoko.com/wp-content/themes/soledad/css/penci-icon.css?ver=8.4.2
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 03:30:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52926
etag: "651b8ac3-7dd4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4RvotYEvLHrnf87mr486dIgsXyx2kftPSohcDJXUkvA0tix3iD4u9U6OFHqhsb5zPLKquJYZgTwy1tbdtvWJ3eRQjmHxubHPWJ07wukvWQO8uwz%2FsIsk21t7EnisOTqwP7fe5VRLaoo"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd757fe4692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32212

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 35 KB
35 KB 218ms
218ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d1c673ab93e90b90035f39e95c2248f683c873b87fbd62fc710fd52beb83800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:49:31 GMT
x-content-type-options: nosniff
age: 125368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35752
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:31:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 03:49:31 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v35/ 59 KB
59 KB 308ms
308ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d2dfb24132e98b78a83ec9975aea8598b2091a78eab5fe66501873f655cec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:49:42 GMT
x-content-type-options: nosniff
age: 125357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60376
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:29:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 03:49:42 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v35/ 65 KB
65 KB 526ms
526ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15044b2aa1c432c24c3fa34152e20013ee17a71ecb75381380faf177d8c99d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:49:42 GMT
x-content-type-options: nosniff
age: 125357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66600
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:29:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 03:49:42 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v35/ 70 KB
70 KB 647ms
647ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae46d0e503a3dfd8446d129bfeb58e8b64f7aced05bfc73c9fba2a3c3e7be498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 16:41:45 GMT
x-content-type-options: nosniff
age: 79034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71816
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:29:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 16:41:45 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v35/ 70 KB
70 KB 1036ms
1035ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccace50325bedf72cb77bf3c7ce2fa650d1dfe9bed8f7f4f2750a50000171e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 22:30:55 GMT
x-content-type-options: nosniff
age: 490084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71744
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:39:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 22:30:55 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v35/ 72 KB
72 KB 1125ms
1125ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bec718404d0d9849ef9dd57d6b965a6127ac4b63ecc18aed217637c7aca7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 03:50:20 GMT
x-content-type-options: nosniff
age: 125319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74048
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:39:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 03:50:20 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v35/ 73 KB
73 KB 1198ms
1198ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css?ver=8.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e5082a5d7520b50ba4668208f4862576ec02c7d7518e083204aa1d766ca8145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
age: 595263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74364
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:39:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:17:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1248ms
1247ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 246016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Nov 2024 18:18:43 GMT

GET
H3 200 buacoffee2.jpg
xiaoko.com/wp-content/uploads/2022/12/ 48 KB
48 KB 4125ms
4124ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2022/12/buacoffee2.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c379a6fefe00951ea7f707d3140ab723a6f06cdb29c87517aac37721d6813b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 15:41:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63ac6390-bf13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cwuZ794PMPTwNKtJjkfMJ%2BhP3L1WYRs7G7e%2Flss3aI98T3FGFBDAwjinqPUfdzYirUfzf4cuHT5WLXeHOWV7BkH1K1tw6PvSBFM8%2FdEZHiSxIbNH48tOQXbW93nFRIjMuKgZksbA6Co"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd75c830692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 48915

GET
H3 200 linktree-230115.jpg
xiaoko.com/wp-content/uploads/2023/01/ 14 KB
14 KB 4549ms
4548ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2023/01/linktree-230115.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9395388ffa7acff061a7b6b8ca84c44344a631e79a9ca1e1d4f5a95f01f2ff80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Jan 2023 23:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63c341ea-364a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmoGcaEggxBJlTn6mJ14JY%2Fu1THxNBX4YCtH2xeYwaKGI8EQNNekzYoLyjYIRinje%2Fm%2FLeSvxnvM9%2FoRdSaqZnYo8alfffyCRdO7HmCF3bpksIZNNrhQ0nFjCDsSjv%2B9wtgGYtc%2FfS0S"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd75c832692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13898

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 7B79 677 B
721 B 120ms
119ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 14818
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8236cd75efb965dd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 14:38:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9xNXF8SKhq7dhdffqf0dZXqMpGZeX23uso0NGvN81CnT4DMbUSIz%2BdR4fpW3xr%2FAv8kSF4Q4ShiELSwS%2F7mF84nAhdiCKMRoRiIne1uSVkZz%2FPUIoTteKnTA0sbapQwcnzZS1Zs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.11bfb520.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 168ms
100ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.11bfb520.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiaoko.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a34c5f06f67d42236ec124345ba1b81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzkvoLejOKwg%2FEyFDA2eYS4Q6w%2B7QKl2ty3KdqbjBAgjo7tlzfLMQdfiuPo7rgFxIjcVTmMENVqkO5IN7c6uqGHLA53PUEAydm9eM48IPfmuLoF5kxXKdDSDQXlIPC5ObbNfjbuX4lq1O25A8dE9swZK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8236cd765ff72bb6-FRA

GET
H2 200 universal.css
static.mailerlite.com/css/ 782 B
448 B 135ms
135ms Stylesheet
text/css 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/css/universal.css?v4

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/universal.js?v1699540

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:52:46 GMT
server: cloudflare
age: 2675
etag: W/"654cabee-30e"
vary: Accept-Encoding
content-type: text/css
content-encoding: br
cache-control: public, max-age=432000
cf-ray: 8236cd75e869bb59-FRA
expires: Tue, 14 Nov 2023 14:38:59 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 400 KB
135 KB 135ms
94ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8621947540976182&plah=xiaoko.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8621947540976182&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa08ef2bddc929d41ef3bce63f5dbcf3ecb2444b5f4ed13e95b4f5ea14e2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138486
x-xss-protection: 0
server: cafe
etag: 3182973134740323533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:38:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 39C2 9 KB
4 KB 99ms
29ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8621947540976182&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 10902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 11:37:17 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 11:37:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 642ms
30ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-47922823-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2958
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 15:49:42 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 297 KB
85 KB 44ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=782c2ff99276e40bea33ea0532b4e5b0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a93bed5b8a687005bfe9dd427c2387382b8ed9fafee0c787b60e850b1f59035d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xiaoko.com/
Origin: https://xiaoko.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 14:38:59 GMT
content-md5: eWRe27QnNLqUiXi9C8SpJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87048
reporting-endpoints
x-fb-debug: GyYc/hMKMoLH/ZqKmdvzdwI2+2xy2ZpX6WHk+jEYxb491DR3MoRvriJrUrMyVIjDthjxOkr10dU5JCj5aVZDgQ==
x-fb-content-md5: 55456891288334c9723a2989fa52862e
cross-origin-opener-policy: same-origin-allow-popups
etag: "15bfb9993b4d4730a003d1f803e0be87"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Nov 2024 14:32:12 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
241 B 555ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGWE9JN3KM&_ono=1&gtm=45je3b60v9127039516&_p=1699540739342&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1157778530.1699540740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699540739&sct=1&seg=0&dl=https%3A%2F%2Fxiaoko.com%2F&dt=%E5%B0%8F%E6%9F%AF%E7%8E%A9%E7%A7%91%E6%8A%80%20-%20%E4%B8%80%E8%B5%B7%E7%8E%A9%E7%A7%91%E6%8A%80%E6%89%BE%E6%A8%82%E8%B6%A3&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2700
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGWE9JN3KM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 369ms
22ms Ping
text/plain 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-GGWE9JN3KM&cid=1157778530.1699540740&gtm=45je3b60v9127039516&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGWE9JN3KM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wa-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 463ms
44ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-GGWE9JN3KM&cid=1157778530.1699540740&gtm=45je3b60v9127039516&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=284451851

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3302 404 KB
101 KB 757ms
756ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&adk=1812271804&adf=3025194257&lmt=1699533523&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540739682&bpp=10&bdt=1265&idt=427&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7412537564534&frm=20&pv=2&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=449

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8621947540976182&plah=xiaoko.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bd2a627909749bc9a69bc0c6ac291d6a54e345c14d0d567511b895bd7b5f557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 103250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:00 GMT
expires: Thu, 09 Nov 2023 14:39:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 60A0 133 KB
44 KB 488ms
488ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=768695558&adf=3605511025&pi=t.aa~a.3941172737~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1170x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540739692&bpp=1&bdt=1275&idt=448&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=455

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe38ee7e7ae0cd56326a4b846e39702c26b70fb164fa770723b00f5b4ba103ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:00 GMT
expires: Thu, 09 Nov 2023 14:39:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 28ms
27ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1189244001&t=pageview&_s=1&dl=https%3A%2F%2Fxiaoko.com%2F&ul=en-us&de=UTF-8&dt=%E5%B0%8F%E6%9F%AF%E7%8E%A9%E7%A7%91%E6%8A%80%20-%20%E4%B8%80%E8%B5%B7%E7%8E%A9%E7%A7%91%E6%8A%80%E6%89%BE%E6%A8%82%E8%B6%A3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=653302074&gjid=364733278&cid=1157778530.1699540740&tid=UA-47922823-1&_gid=306369839.1699540740&_r=1&gtm=457e3b60&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=407789620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiaoko.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
23ms XHR
text/plain 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-47922823-1&cid=1157778530.1699540740&jid=653302074&gjid=364733278&_gid=306369839.1699540740&_u=YCDACUAABAAAACAAI~&z=99293549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xiaoko.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Nov 2023 14:39:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 94ms
45ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47922823-1&cid=1157778530.1699540740&jid=653302074&_u=YCDACUAABAAAACAAI~&z=1856089853

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 93ms
44ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-47922823-1&cid=1157778530.1699540740&jid=653302074&_u=YCDACUAABAAAACAAI~&z=1856089853

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 60A0 2 KB
875 B 516ms
427ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=768695558&adf=3605511025&pi=t.aa~a.3941172737~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1170x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540739692&bpp=1&bdt=1275&idt=448&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=455

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 60A0 23 KB
9 KB 478ms
395ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 60A0 3 KB
1 KB 508ms
425ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 60A0 20 KB
9 KB 104ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60A0 190 KB
60 KB 123ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:00 GMT

GET
H2 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 60A0 37 KB
16 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:36:35 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5001836236324222345/ Frame 60A0 28 KB
28 KB 503ms
428ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5001836236324222345/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1de5f2fb4bcec62477a89e2784007a0eb1daaafa1359fa46a544e9bff0da3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:34:56 GMT
x-content-type-options: nosniff
age: 61444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28627
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 11:31:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Nov 2024 21:34:56 GMT

GET
DATA 200
OK truncated
/ Frame 60A0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 60A0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/ 160 KB
55 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aebc569dd4be8998817ddbd6e5f69dd14c4ffb4d011fabe409b52fb31b11e580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55822
x-xss-protection: 0
server: cafe
etag: 10096019110244385022
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B238 716 B
382 B 426ms
425ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=4002941374&adf=2191032200&pi=t.aa~a.3455557231~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=3&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1370&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f60e421c4ae3d5c54767227e2a32fb84955699b47b5e070995683e3a6d037c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
expires: Thu, 09 Nov 2023 14:39:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C29E 104 KB
43 KB 597ms
597ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df2ea7a7ca36a531bcc856ecbafd10de393ee14d757c134f627fc8e59fdf25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44424
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
expires: Thu, 09 Nov 2023 14:39:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 114F 716 B
384 B 319ms
319ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=2645401415&adf=3049909000&pi=t.aa~a.2987483096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1200x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280&nras=5&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=34

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f06d332813fa4a0ee77cdea2f811c3013baf203f8c3fe52686a1f94a25fd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
expires: Thu, 09 Nov 2023 14:39:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBE4 716 B
383 B 590ms
590ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=2645401415&adf=3049909000&pi=t.aa~a.2631034329~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=1200x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=0&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280%2C1200x280&nras=6&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=38

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9aa360b0b0a58060add955ece0bb0e60e7d671cb81166caccf0a8a35d9213e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
expires: Thu, 09 Nov 2023 14:39:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 60A0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b77f9a36024173b226b89a546c6dea19b6e7f24f2cb64eb328c2a547a0e49c06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 60A0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CdnyJBO9MZfWtDJCnxdwPo4KM8AeN49WLdJnT1_GXEufRveCVDhABIKDSmAdgkQSgAajK3JYDyAEJqQIQ4kSHSp-0PqgDAcgDywSqBP8BT9AAbsMzPbEbVaTjfWn5CZFKPZye6pZKAuMkjED...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210684315756694328137%22,%22debug_reporting%22:true,%22destination%22:%22https://xiaohongshu.com%22,%22event_report_window%...

0
0

102ms
55ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210684315756694328137%22,%22debug_reporting%22:true,%22destination%22:%22https://xiaohongshu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852960552%22],%224%22:[%2211-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211563849151520030081%22}&andc=true

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10684315756694328137","debug_reporting":true,"destination":"https://xiaohongshu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["852960552"],"4":["11-09"],"6":["true"]},"priority":"500","source_event_id":"11563849151520030081"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Nov 2023 14:39:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10684315756694328137","debug_reporting":true,"destination":"https://xiaohongshu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["852960552"],"4":["11-09"],"6":["true"]},"priority":"500","source_event_id":"11563849151520030081"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame C87A 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 19:20:11 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 18FC 9 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 09:36:38 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 09:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 5529 9 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 09:36:38 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 09:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 3ABA 9 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 09:36:38 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 09:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/ Frame 71D1 9 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 18143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 09:36:38 GMT
etag: 16674218716276178799
expires: Thu, 23 Nov 2023 09:36:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
54ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 18FC 4 KB
767 B 31ms
28ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 14:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 18FC 205 B
518 B 32ms
30ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 13:40:18 GMT
x-content-type-options: nosniff
age: 3523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 13:40:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 18FC 604 B
695 B 33ms
32ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 4103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Nov 2024 13:30:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 18FC 15 KB
7 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6703
x-xss-protection: 0
server: cafe
etag: 18125926408851158271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:51:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 18FC 21 KB
9 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 21:51:08 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 14A5 624 B
242 B 61ms
59ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNXVhX-4z-UKx15DLiG54RDtb2BZRk28oSF1LrRFIac0xsg8G0_-450Fe8swQIGEUaIok0Oq9NgOJiosg9AM2uk330fyhf1G5sACq2va7-IgAv7N5mSV2xAbk-DO_jtfXFRlYNQ5q8_C4fN6LHMxMzBkfbtiQF6oI74lBKG4uFGCBAhXsl4

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 777C 89 KB
31 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 777C 3 KB
1 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 777C 20 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 777C 190 KB
60 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 777C 42 B
63 B 56ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-rBJnOOlc8dGxMFyfUDb1O6EzsekyBa-6gjBMJ8n3dYAgk0bxlWBgN5o2fNbnyGEpmFKQ6_gjNTH3MGQRVqwcqzK9WcWtQ4pffSKeAAnuemaes1g

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 777C 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4850034070412579959&x=1&ct=119

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 621D 640 B
262 B 60ms
59ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 757F 89 KB
31 KB 155ms
154ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 757F 3 KB
1 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 757F 20 KB
8 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 757F 190 KB
60 KB 1152ms
1150ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 757F 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DC3F63-YQU6o9rWv6WiqDjcB732anxNAyOKPVb2ybbOXN1b8PnvDn0obOtjsArKR7WnmOxJQtbpVaa-hTqXCnv4EWEeWpgtSJE15AgPcC97STYhzE

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 757F 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13271109299802438848&x=1&ct=119

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F8FC 624 B
242 B 134ms
133ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARjZjo7uATAB&v=APEucNWAFlSS2KsKVYTERGuzTYuREJzF9NjbSuSt2z1z6jlZkJxB5MqaFYtIUMhHd-jhyszKDGGYJyzffweCtKGC5O3sss2QLeubSQzY1y2GErWmAPQJ0SfcwgtbVeqtCAabIRMyOagtIRz49Ep-Yrwc7TJrJE1-SrU9yqxZV8gzhs7-gPssQmA

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 3C3E 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:05:24 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 3C3E 7 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:44:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C3E 0
0 154ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpfly-nhaSGLtvlUKp2eknJzwycD6fq2maqNHkl1sMfCqBEAUiJ492oE7SfiND683pLH9AVSjx3zAMFn3I2XyCqDanVr_WhHxzTt7v04BqIAkyXcHuPMaXvNKZSJSH103KlmE1YvQhBu7lY2BKlInr8nw0zctPJ9gLYYGeCW5DZv5tJ_pPanBX0sSeF_wFJ-pyKddRyseOYMfaemIkZ1BV8quxGOAPOUppsKBlw8IC2fW7v4ETgPTppk26bQuMsJK3XMIKeAkHupKMqQrUzZBUOfSsRRiVkX6dQTvgRJv2fj81CpgGE63J40eqRqsEocmqzbUF5kcApxShVWU6F5reuqfJeVYwNRW8_XKaSDxhMKnYzlVH3XF-3_jNUWrIju1rSKBKfOOnl__ECtfQpPdVQxZHSe87ILzKNeD6xTpIirJaTCLWASe8nRaDFEEqTFKzWSF4wx0Wmc0Ui3Atq6U1_WFzNXYkq2TFPgE5g5fHIsBCzafpbfL9QuYgZWAGNxFrm-UF0aZnv24ym42rjmA3QqU4wp7JTwbdGmys018Wm8zRvsompW-660LRVdj8bhE_nxR4DgkbqcSoG-gsnf3tPRG2H_2mf3z12AygLFkoO10WHSmFv7ApP9bJdQPH8S3k-vdkYmo8vniETTJUxtPEERtRm0pOhdeFJ8zI5jriOWXqH1qPMqL9_EK_dkutq4vvTDwyBVeO2rxDbrpq6t34S7UXwjKMJKv0u9EDDaJttMYDoSYyc2fJNEbJ3Cz2P0r-kI4s7yBAzTMAjFbx-TcgeRWQkWfKNanTRZOXB8lRgLUI1KWRV0ChOGpDLsZm5IYEYbXOTMDm6GuqLs3LnC0yvwN3l3LKs2oZkFff06EkUqdNFURLuuC7PL8iwcfem5NrdNKoxvqwdqpTJVSVa9yGS5SXzYlZoGACqtBuWUovYFngrHwtX3QV8-yw48A0fP0stMsIeSVsDC8uGrP01MpB4-v1UQRELgI4RiIQoN-menAlZDrhccIdJKENr2eUmdbZVauiVc6oL5tkRnRYPXuEE2qRPNfMe-BDvN9ayjeKMNkkcsgY9Bye9ZqkQxhjnNeml9UVnlCqn3SAAssE-qzx2PnL0QGh50Gn8U-XtC3UV6OWfbOvDap3AUUu4I7VHanmd08mrrNxzNaQfRvsI5UgH_wPo1UY59LgtsnhqWAWnfJttnIaD7zbxtnGnHI7gAaRYqQsw6UnFq7IBcN2DycIP-93kq6xLXL1LZ__cjmiciBEzYrrtlIeoMK3soUnhE5kZ-WSvOw&sai=AMfl-YQeRrH0Mtt_1kwAnrkdm_0EfE70i59GDTzX1d332ohmAqMy91zlZ1CrxkRwaEgHr5hCJk3hEE5yIBhG-b829xat2MsqS8LHCp7RzXD4StmYKw1PzW5wxUYuzHuI8wZL5wHYBgXnxD2nSA9_ZR_0KWiHy18cgAKho-fTJ0q7ifzCQ3VND25pe-ulyyLvz06cErxsggcI7dkwCh3gEj_c7JX1ebgR58WL5P56tNJDLOgeOkEFvFXNC4bHD639jHrPFb4j3gAIPnwOdWj1Oowm6DgBHQ6BV0V2Q-rAztCJmP3s3RrLpU18nLULFsvUHPahooVVfD7xnWZrVwVv57iGZGJ9U9w8UHR0CMysWOhQ2jHu6fWlOTq1-BfWvHxDQ269jUxoNLcQ9FlDT6ueWBWNR2TpEncG3dKM06AY_WencEMQakoin7QnzjHse-4O-GDR7o3HX82D_3OGpk6Wy_D4SmHk662Kzhbcf6KPWEjq-VxNjkOO5Kd-JK0&sig=Cg0ArKJSzGWjWQDTPey-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231106.44271&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C3E 41 KB
14 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 3C3E 3 KB
1 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 3C3E 20 KB
8 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C3E 190 KB
60 KB 1526ms
1524ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C3E 42 B
63 B 88ms
86ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DScIIULsIWzLejh3RP2JHe0BQtht7-dybzWw2Q_aMHjxbTF96Ds6zVTm7t-P4WN73wa8kqYE-bBtW-EVLRB2wGJpl1boOu0bKUdVC_QTUusXi1gd0

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1050431959716421107
s0.2mdn.net/simgad/ Frame 3C3E 14 KB
15 KB 716ms
46ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1050431959716421107

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b338467134ebf8408837506f6e18f61a5f25e36519fe11925cac26236e6653ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 03:30:26 GMT
x-content-type-options: nosniff
age: 472116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14478
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 12:26:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 03:30:26 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 14A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

43 B
333 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNXVhX-4z-UKx15DLiG54RDtb2BZRk28oSF1LrRFIac0xsg8G0_-450Fe8swQIGEUaIok0Oq9NgOJiosg9AM2uk330fyhf1G5sACq2va7-IgAv7N5mSV2xAbk-DO_jtfXFRlYNQ5q8_C4fN6LHMxMzBkfbtiQF6oI74lBKG4uFGCBAhXsl4
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hC4Y2Rd85DOQ8zfXR1EHddLWRB9ylci6a3P3clvehpeIIvhadKqYWfsKminmXCoruVVE%2BKK6F85EuABcL2PPU05Q5Cjb9FinrYefeRglaNTT1KtrIWYAxRlyqgGnMzEzTy1tKZvZ2NsiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd83cd83195e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 14A5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBTSWu1fPIyWra2mfKQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

43 B
732 B

41ms
39ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNXVhX-4z-UKx15DLiG54RDtb2BZRk28oSF1LrRFIac0xsg8G0_-450Fe8swQIGEUaIok0Oq9NgOJiosg9AM2uk330fyhf1G5sACq2va7-IgAv7N5mSV2xAbk-DO_jtfXFRlYNQ5q8_C4fN6LHMxMzBkfbtiQF6oI74lBKG4uFGCBAhXsl4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRv1MWAiyMMO2F5I0FEiZDyYbXmnJMzZcA8P%2Fu%2F5nxiWMqDNVAqRfo2KCQh8Ne22hh4gl1xTG0XRQ188grKhVkaKSib5u2SlRbS6uJ7wI6Gb1%2FFIYJ1aXhppfbtAqYRjtF7nOC8UQ9dvhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd844f23382b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 14A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

43 B
838 B

14ms
13ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNXVhX-4z-UKx15DLiG54RDtb2BZRk28oSF1LrRFIac0xsg8G0_-450Fe8swQIGEUaIok0Oq9NgOJiosg9AM2uk330fyhf1G5sACq2va7-IgAv7N5mSV2xAbk-DO_jtfXFRlYNQ5q8_C4fN6LHMxMzBkfbtiQF6oI74lBKG4uFGCBAhXsl4

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
an-x-request-uuid: af5aa6f3-d32b-46d9-a956-7c19fc1acb49
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 14A5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

170 B
243 B

30ms
28ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
an-x-request-uuid: 386715e7-ec52-4bde-b2ba-36f0dd842c09
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 621D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECc_3umja8BXpDwfZpTbE70&google_cver=1

43 B
105 B

20ms
19ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECc_3umja8BXpDwfZpTbE70&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECc_3umja8BXpDwfZpTbE70&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 621D 43 B
295 B 55ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 621D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEClkYVrNbJl1RCVQp9am4uc&google_cver=1

23 B
163 B

46ms
46ms

Image
image/gif

2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEClkYVrNbJl1RCVQp9am4uc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM
Protocol: H2
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 14:39:01 GMT
pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEClkYVrNbJl1RCVQp9am4uc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 621D 23 B
163 B 127ms
51ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIOtwPwBMAE&v=APEucNW5o_9MeZAIeIzGNnXrAxufL8Vb-0-Hclk2HMgEWOMKLONvnYc_f4jqHB9tn8FS6jeias_Tla_fKN48tOMveLcYPhgRZek7FDjz83tX_34bnlOj4QTzC11QB7-nbSQgPCixi2elfLqg5v6GUjrh-XPoUQNJmJuYiutV61J9-wlipIpSmzM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 14:39:01 GMT
pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 605C 10 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 13:19:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 605C 2 KB
822 B 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 605C 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:51 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5A68 143 B
166 B 134ms
134ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:34:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 605C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 605C 20 KB
8 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 605C 190 KB
60 KB 178ms
177ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 81801f102bbf3ca11da2806ffde236a3.js Show response
www.gstatic.com/mysidia/ Frame 605C 37 KB
15 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15369
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 05:36:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 777C 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5598497176721&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 777C 0
20 B 116ms
116ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5598497176721&version=m202309260101&ct=119&x=1&cor=4850034070412580000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 777C 91 KB
38 KB 163ms
162ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnrRULXXxvRRVltGKTaNAkXEWXiYsbb7mVCy95pfzRg5UCmOmezozquz4IDhVsKOEW96tuAtNYhuLjCJr-o8cZ6mC4ji5L_QCzTRKIWVHntsfQrzrp48b4NKZkIY7lazHE5Wdcs_CSmZAXODvX9_D9EQrjqsp4ibBZR9C_oGtoqJiF0NRzbH9kDgBJ1Xh33lZ77GOs&cry=1&dbm_d=AKAmf-CgXNpXd1QsUXp0LpEFomkJaVjwg0d1kyq1cVsT-lFgFnJI5mGq1Tm0KwlUWTnVcRsjFHU2l6EHzrRbAmPD79-P8feM4S_b-GYODKWgYVzH-03Tf5Fw9oY-EDw8sDoUxJZn3rKokDEuuOh3W3pPkRqSHAbfYO6wqeI5WbprfRHICkUml572VxG-_koC-ziOHkMoKiNBHsC5002YubXHqHp3O6gnWOFLaO4yUiaNk2ZZNhnO062D0PQdrAeN90q9sBUOk1IghC5TAnAEOe8VQ3I0y0lmzzwKxSQc_GnblxATSebjbGF5P2VtvuIaF0n-UyYb_HlBGyP_G2MXJF5y963IoyUYGzQwuvlAScWCmNadyijsEozBl0wOIGxy3XafThA3dT9CYPy3t6XesdR1nSWKWQQAh7REQnb1Qz8_xoWvcSD6HDhXOrWSp-pHfgh6zGmzeZXXAj1iiZEQY2i5E25sOaq8GHyOWSpbj3WxEz_JGbIq9wXrMHJbHafAD5o2U1l-zep9pVcjlkclFrv20514d1AvpTN9Z-ho8N5Dv74NdRgOK1qGtacA7ct43_RjbnXwauSPfSQPMBDwr1S1nr1R29ay79jGNMuLbjgGrRPSaJorv3dsz-E_M_eAuQqspNJzKjlrDhU5J13Mu8_Gfz9FkibKYnomPVLRIaESDQCBpx9kItdWmGFCC7uJkh9ncv9qzHlSsZNhT_OAp9mCgsbE0yU5BTeHCQQ0EfJ8x1CUyHIdupF3ffR-DdSUu9OLGKxpBjPBMe4CrmX4UbkIBsAPxGLKMk0VtkR3zGHZx4XFtQfc8C7fzpkEyQV6nZpiO-dag6PlcjXTsj-zNDss8IXkuhjkzE7Qj_VLF71x2ZaIiTjoQWwxzlYV6pnXdDXjn5ov-L2qcNF-zyXlxtJUjyvqCcomhevuParSwNnZmElXia8w3-gDZKOX7k0_e2Zn2Go7myuBZFCa6O8Locb4_8R0qTLjzArRV6RrUDt79P_R2BNbrcuuSwpgORE1_QMzDhS7yh-pXzuFM_crMtXq2cL_IERwCldLWfL_qT98Sosf909VkQwqvufKOuuiN7QFQdQMM_QXSuqLRhvvq1IcqfqIZlQQyRPubQvL5-0hgoVa_ngC5qcQ21nUBWBjBlCB1-4i43NeHKyrrPRk3UguY1tufQX2x9aON8vnNwx9jS78l0TYZ-ibmaNd_lUL1ybwevrT9gFkWOsILhQNCBsqjOkvn5ffHZDG6Z9EOKBBNsATL9lcLuHUAtko-6N54rCSYjCS4UVwOERZt2NUJlhm1NDP8XnPX9oq1hbESkeywf5UDMpX5N8-W_U2iw4p49UEmWTvdKlp1HYSkr78RHduIe0_iSeG_pV3NgoXUE06p28JrElu4FJZmq2jKtHHUoE_Fr-N_xe0uLVZH1hMa1xtUYQKTB3jPq8Z-IvCAsZRxprGzYPwL-GdhQsBpdS6Ih5ZlIoHPvPRbJMKY-nChDDh9lsFQ164rlCy5rJugan2uGs-RqPPUbT3QKSiinF5Yyjo5jsl1GJvpOCp76tXG_iviI4zew3oQBlTP3406wmUneom_Zy0-VMEziHwVqfYsd0UpijqnkuYlhqLSLxtLULRjAZgqc91AEVEHKC_5K-0_j8_pgfd0k3sCn6Jm1aiUomkULyPhL3U2ID3knAno662KWobFTQKrUMHV2MhwgkNbNGoCiO2GP3ZlKWe20_0mzRCd0QviGQTmovb8l7hx-9Z0UbgGQ7pgjWflhS1johZyPSm4bCqVv641UwBKSC7FrYGCASXhgyAVAp6JkhjCWcxaPBhw78ijPB3tddyQIHv1qpJxoVgO_NNdgPbkjcJp76Cy2jnnjeWjM17usSAFYd3dB8SkalVBvjvCE9LlAyNXcoY0LWfg7bglMitYjpEcTUvlRDHNXX0K_hcdXng_jx0nKItZmCHMkLako_GncIkoVO2uhu_r04xtqZcReQxWn-yzK_5WQNcoFrpIgT0J2UsB9qJBQ4llXiJZrivaiOkfBGBRc_AkYEw_rx72bXokhfsH-hyxg6ZEEW_r1u2p2jbfx34nejJnd79pIErNFsHT-g86eIH8UMJfzbLLK9498BTPIcpUorHj6f-HhnLZOoM5iWNbZ5x_7ofilMHG6u9pLcFU7uqIJoZC8XokMzv3s8lL0U1F5xzSVb1cDygjhjEncegJW6xE2KkaE69jzeperv6Tu8wKe8bkLWLgY1vKL6Y1AUVTZeneDRZTr5-Ef4Kjk3iz6YLEKBiG0QP1HIozgh77WhmPwtrGdKcjnTCg-X5tGT0V7_UtvKbxFW4nUztKXVxmvscfopDrkYlV-lyyWVLqiqO79q7QGhIi5tneahvj9foeTZQYkmv6feFF4vttNuPTgO6jj6GEXiY0aKw3ffwo81ZiEgqvIxGjmRR2u5Y3nlKTvLBlhLkmUIiE-xb2RP8aSlR2C4BVfwwGSDQ8Z_4b8HOhelHNr35a4z-HrC4QY67CFxaIaWI-cBx1oLIev2dCpVyiO1mkNJzpGu63HRDlcrLWTeAvWauvRt_-8qmgZHBQXt3dx2BqgGfrp-WHS4hewuUqCp3GRxfkkhpPscfXhhWBZz6OtjFgUSJJgOliS8GcJT3vK8Tw421Ik7ABBaM3dgQ_WwcpxRrdyGJUWeXYKuEmMQkEEK0YEBt3u9DkQzk6tY0eBkrH7Uuua2vvhyh_bida0fln451TlfVa6YkgT8KFQTCP1fZQRkbS6TWX0Pvu0ibeWbUE4u5PBwjLOilOdJ_-t053XDuccgBJ6GJQQUtmoKgkFLFJQ6HlVsDGqj1HMZatB-NxVh1_La0BYRlM39cpIeU6oWT6QkmVl0tVe5U2ai8tmZL81truMTPVk3cPLgIqE25x_PLdF9FSHwPth8NY0Tf8XJgFifq-XmQ-LWa3E_ptg9xEElpavbIZ-riSa9z6m4G24Rw5UXHBe5O7uyk3Zdk3S_J891NQMSrzid9966AIYhEJkQ3cG3zarlfdYpTPTTyRxCj4-JSbrIav12maJZZR0SBfyOWh0ZTiT8CNUKftXqXNV1UNITsV8rhBR-ZKRWQ6vXQ5fV51-kr18QoGSO85g-mxmFKBcpiTtM2QPCadflO3_jBEGQWorNmH6e4iJ1_iTKB7JBtgCle5DDj6-4SwURnymMYWdfVBWYNCq3E1PgUQOaR5ifW2yvHfUhj_93JWjvCVEYJC-f3EzjQpqnNSoaOPwu4D7lcXCJrtJE4l0McdwC_xlyUru9XUVmRI9qjH8zK2nzy8FCwaXSt7YVPQ3G9eLl4j6AC1DtcWlhQT3iEGFtVmGA43qUzQbBJOk-_ei7OWveHlz4W2uOcjE09hzFHnH1EgeuA12o08fBUMAlY30SFa6lgD9Qgvt_-W_P5iIcz72Zvhc48DKcRnadma-1PF4Ocm1pTwucJxThVrWsvNX-gyh7tjllENXCTMV6FytjfAmTPbx_skW-orDcOFpXWfOPrnH4dPqM83vfPDo6tcLNeSV6ByOvMeK-ooHOarKXL38WFAkIfTwuGJa5Qa_R-pwORrIxFI5iyOE1GdaXlbWuQ1u3b37AZj06hlraeTwVqJYjUlLx6s7JPqh9Fm_60S5_LWvv_Or926TcwWlh2M8456MA4NjGRu3OR5q9N1ewhWMY9p-2C5Kk7Mi1XcGapj-u3xMZyL9JqWa1qKRD8RAp0ROBqRG-ZO8fOAJrZ-J2LTch4z70JvvH_j8SXNS9hl4l4zLf4ktoDGspGj1A8JkaAoxZaMwEa5LUHd8jr8dQacr_KoRHAKL-Rmdf3NGYmLIFQbCQXqll7fdN_mgb2cOJoyVTtVzGymP5sm5sr5ob9aN5caWcaCMKxITRq_IH32gAuUeFVC3fOUSKUqKVVC8RF_3Ot73y1kVe2hpmT8WpQ-tIHCkSqXimQzQdR0zIltZmiklXdi0YNjgUb8KDqOlGQ4PPgkbIxnphRCCSA9c7r06SatsmHb2i6tMaHDZzK0spaLZGx9C5a7HPARqZEFvCZq8FjLYLGeRpuI40um8oxKfD-AmKQH_qYsY4FR1eEp8EgPQSnls9VCOlI4dQtWzswhbj8iBoSbNm53mfq4YjonNYAO29KbpEuG8LQeEwTuO2KWoHtEfmAw6Q0VDLuIbxr1a-rhBLnSuolvlhMBd8kIwJFwxI_xrov_w&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxiaoko.com%2F&ds=l&xdt=1&iif=1&cor=4850034070412580000&adk=2988274607&idt=145&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

450d57a3d0c3b4a275ca27e4442022105fd7a389a5701a00417766ebbf0ba3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38902
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F8FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1

43 B
326 B

42ms
41ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARjZjo7uATAB&v=APEucNWAFlSS2KsKVYTERGuzTYuREJzF9NjbSuSt2z1z6jlZkJxB5MqaFYtIUMhHd-jhyszKDGGYJyzffweCtKGC5O3sss2QLeubSQzY1y2GErWmAPQJ0SfcwgtbVeqtCAabIRMyOagtIRz49Ep-Yrwc7TJrJE1-SrU9yqxZV8gzhs7-gPssQmA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lU7Zor3GyWz7cFhfF8gt%2Bj9WaGtlJbyKi7rvez0Juz8q9OCtOiw6fi9Hdvd6rlVEANyM8AVNll%2FphwmMzMlF47W8zWjqADJGcmfsLhqdynr2bL2zMY4R1i6XJrbCmcAlWuE5%2Bc%2FrxUI1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd83dda6195e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F8FC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBW.39yzgmWcj8pGuWgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1&google_hm=2

43 B
735 B

37ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARjZjo7uATAB&v=APEucNWAFlSS2KsKVYTERGuzTYuREJzF9NjbSuSt2z1z6jlZkJxB5MqaFYtIUMhHd-jhyszKDGGYJyzffweCtKGC5O3sss2QLeubSQzY1y2GErWmAPQJ0SfcwgtbVeqtCAabIRMyOagtIRz49Ep-Yrwc7TJrJE1-SrU9yqxZV8gzhs7-gPssQmA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCFVoy%2BEWVWkHtkzcskRNEOnjkVzYV8egJ1YzI8FEXyaPRODHPNXhwBCJP1rdoUHoIyvIzy2%2BjqV9QTCh9BiEUMqHW0XLy6bF5qieFogr5JyGbx1aY%2FBghpv6UFHO2z8BIc2NZnApuHSMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd845f3f382b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOxSLtNWLNvdESMxRGsF4bc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F8FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

43 B
838 B

24ms
23ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COTnywEQ-cP-ARjZjo7uATAB&v=APEucNWAFlSS2KsKVYTERGuzTYuREJzF9NjbSuSt2z1z6jlZkJxB5MqaFYtIUMhHd-jhyszKDGGYJyzffweCtKGC5O3sss2QLeubSQzY1y2GErWmAPQJ0SfcwgtbVeqtCAabIRMyOagtIRz49Ep-Yrwc7TJrJE1-SrU9yqxZV8gzhs7-gPssQmA

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
an-x-request-uuid: 5fdf31d1-15ca-4b83-aa3a-477c8ef81616
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMtUiLVm_S7HcKb3ctas2ck&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F8FC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

170 B
232 B

33ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
an-x-request-uuid: de1bcbd6-e82b-4fb5-abe1-5b7f7089ae5d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3C3E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 718aedcb97d0479f9db6b37f90ee9374815bc129c81c6782db7f09b46fa582f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8307 38 KB
13 KB 22ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 541481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 757F 0
20 B 77ms
77ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2718363509109&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 757F 0
20 B 56ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2718363509109&version=m202309260101&ct=119&x=1&cor=13271109299802440000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 757F 91 KB
38 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BL0k88O8ptQNXP4Xw8bmNfH9BZXK_FfPcBKvx1O7zsfBzyHxeAPxOQAvmO12VFJLQDxKF-p-7F4NbO3qprg8BDTrv6MTVmC0nxOrUfT0m69tKlm2pSEXeDZrieDKcMLdP4iPk06mJWa_YcdzilpSuP41IK1fF2UMZnI3oF2yXoW55xt_H5Dvk7Wgvfrst5wCUC58-H&cry=1&dbm_d=AKAmf-CBDRdkpoakf89N2aq0KC5EggJjW6txTlff8I8qyGXC3pjgBBufmJV86GSEAsa2Fuh4i3T-_JMNOkY44KPRR6jTY1RTTkLJQnLh1Nqm6DCLirnAn9Jtv3MW0Ka9JslK_FIQ7wQhFfIaR2EHjvvtd_jNKyZTsJFCoSX3_uwl8F3Gr5t01ozPVtvEMnerOkvCUQp1dGzdQrsYdRmGY2ZMMy42E43nfpsVGUlkIwThjWc1-sGHiX90A1QBHsljgaRzAIROEUXagC_JNjIwV7-3bk-hjo9IUx0BzXL3PmvlsXbwSuohkL2QI6HPzwoYQ59f8PVz9c0Kkr6mNksCrGGtsy8Q5_u1T9lZlfJr4dWghMW5PYT7fzE-KgACauGApjO7lQSttPJi6PfyqSIxIPHxztgmTsMcxmixu3zK8h-4WIH6os4HeAQtQgv105TPoQqIUdwr6LG4Yqe2psbiVWmTuqTJdQKIJ_eBOtzl76wW6uGdkvp_eD67K0_PjuWKdDm0araBoZzrmIG45rTJuEF0CdASYMdgz9X4wn_QCGaMPsXUIoKrPRwA2UHt2NXbEHSYNtm6r2yYUNX1r_rcvP-VohMNndxpaX-dlVN3VPhDXuAYjHMeq9aGlZxdna5m__XJXtRFnt7WwfGE_pmYIboq0RuhGwzRaxT4g5Qj9gomXIblrfxAn5G2ING6qDFJD8bgucLl2QzH7W24Rh7MFCZxItvU1U4G3wVjJ48TjuLot4gahwXSdQ0OOloyLUxEBmLwqmMBJOtS-kc40mtxa7hs0K3zHnmcFZG5W7lpdYgpSMPQN9MaLRbFMU1wbfJj_4eR3aRwFUzfhGgkzijpte9lNo4tG4wql12VaE2MhE9jY93ypWry_uzJCdY_RteCjYb-lkr49FWv61eacnZiij0DvvLnoHbHbfdU15IGQqJlpIFFllMN-FRyEiQg0d0HL7rCmkDVfWtwkbuCmtags_EXoJIAAsz3nJ9v2yM0eho1rxFztpfyGwkYTJW3IJZIoaJapxAeqIvMIE_NypV7OHnhmByogfBlhATnw_y35RDgyQOtzxfgcuWFyk57gGdHdSaZjbFwL0vyY3UIm9OiN1dcV7M-5x2hmxtRcjqL_IShy9SYhGy3J5ID3O24VuRO3swdLg1QWZCsR_oFeZnjoF5YUUt6AsrJ8tPrVlN9nYJSQ950rvoFhvMNxbyx3l885Tbx3Yw40Sw5fSxmBubl0CouG5KskLO9TlN2iry0XfSpj2ncqDpSeZrwr5jMmCAvo8Tw60YapTyVjBhx3gNoGEqCdw_Xzs4IoyswJgS12acNHg6CJs9IVHIFeJY0D20q8OKvD-FrccPUn-Hhs6Ct5p_tHLIST2crUC-zLkop44Ggae3egE67X8lrxlGs_YhZxQ9beqhUB0HC0uzmG4GQfiqgxQD17erJQGSFLSrrfhdq-p2JSUky7_Q_lft0N1f2LGfdJkeEVqmrGwiESKp6yIrQY79U32nm_jt0QFxwB1C3uUpeo_O1Kw6nm1VPlKL8WCYo89Q8Q6f6-bYLBNvJauiC9-G4Um5ZSeg0f0JQpXfDaLL9IeQxZMHtH-jkFVdWFnTJW7qM42q78G1_gM1hSjtp_aWJ69vkPTVtJhyH-EEWTg5qAK9ZHyY0CEBCRuxC1vUQ5TRhd7p62rMRqwZz_khSJ7OQOnNMYDENtblWHNbQGw2wg2kIVmpaZk59LHDpC9S5fuENei9Qb2W1vbY4nPhTYNQx2ZxhSg9daCe7jTpXLVNo8krWdMKSNJSRDs4tssITvUGPoi3SRpv2B1FZr7ZaeGnfaK5tLVITqaG7u89vTMvh-zUioOIOzqJsOhvBsYwD7SDXLDZYwkZiBrLsiu8IEKD56hUx5IvaZfX2D9fGopIHfXn4TUeuBrYCiqlbtFb5OpninhdKCtUXks3_3qn7Pu_WSM_USfGj4XdauqyMcP12cOFoc4GOwOIGYZgq3LmCJ0DZMvoCFNnuIMPCXP2hrEpoiVUpkJzmuESH-sUWCrO2r-GbQuUqQem-bj4SUjF2JFhfkyfUMIZn2AKy8QMgf64dAjENrJQf1etCPaHC7M__Y-mxrjo5YIzSvHhrx6NIAF7UX668mcgIypSp7og44ga8vi9cnyv7kyG-KTTgZziNpnJ91_TuvrX0UALM_U8VdRpsSsM-pIaL8ZjYJTW-IU9tb-mv10wFcHdUi7QU4jvG3556QcV43RReVkzymFHtLjY_m_cFWNRuk3VNX-L2PwYKL28HcijgJPpXrvVkvH0iDRxms10ADbzLSPZQquMHTDU89O0hguqVBe3Frf0b81nK5TclRlJh5dUB2EIOvI8RhuAF17ocugXMjBbY703pEG5siXFyWmxPyptQf5LCWuVBmDaIm_YKj3gMlFTzqLWfDHkuoiAtawnrbiTL4nYMxTOLyNofi1BU1Uq_14pJ49Zz0WzD8rzMYaCXZtv_Y_7sNFWthNzWPqU_k5LLE2-aamj5BUJZ7ZV4umCAjXRsZtFs3zDjOmyb0f5xjqo8Nr8yGpDSgQPLVl96fBXCa23DJ1h5lnQL1NBWm-co929_BDa1qN0lek7b6hh-Ii6hli-DTJdNErergt5jRVz-FAsSyrClsqPJ4K_LvarMo9_RkZPt-ScjtkDrOnOIj1Q1kkjV9hlJTf1xQwV9TwAvIkKjMYHy3vbQoaXg-5XA7RVhcc5vKUdl3jYW0Ou5zSQBxKk12ZOJJD54auhfr6wo2IDEp1nDqcdWdYAThkyjSsxsae_vE-3bDqglFoE2F4APZ00nbeaVQ_7B1Q8RiuzXVbnMpT-Q2L3gA6zTG1PFFgatmRngB3dYGoAZTzqV-JuNh_Ye_8hcxi2f_UoZXytw27mAyQggE293MD77NWfeVT0IuO_1ZNm4C33ITAWNb1bqeHztjfJkHVu6WBN9Zew8oPvd3LDJT0h7K6bs3zEutSyF0R9EISAGe5pmuFH3xCiIo-zuZx4Antz-VC1zvqIe9XTl3k9KaV4FefyorgXS8lqyoy4vzt_Q1PZ_1PaG4ll-W0G0aMr6XcLjSOxyA7tzxiOduaeLXGlLUkncGzaVAqiJRX6FiIIW-b6ctI0B_5Q6FFCLfRESOB7LmsmaNMAu7VvZkT3NkEHLqhqXBjpcnnQ1ke8A4zhC-WPTprUH_qnVmMvsnNTLtBuvocQE_j9EPwr3UPNUdXKxhisvYF2d_7zwIaL8nLPsG6vrHCHb7vYJE2qAjqNZ19XcyYuBgGP5x_ZXO6vMFELlSQ9X2TvzfZ7odmLnwMBUEkaou1rMDZnSIgEnvRmHowrLh_BFLhYFnUhDCmYyPOzXiAb-67_XarNAaFkng-AbiqTVzXH_qN9O5L3D6aLtnRdiJdZG3D-ZayzrYZbB5POZ9wEa5NwbOX9gp9BbwUybqAfegzXX1bPHc4zVxcraKkfdufkCLY5D0F9TugQ4U1YzY5346SC6UM2TsAluBNKsewoArIO9ADJTaVUVK9FULCgbMXg8YoFqxgs2j514suIrvThhu-kJBKDCOErfLHb7UcVFyu4NhVdiz7iJw9cOUyr8wBi2wfWu1Md_GC6Ae-Ts7KVmj8vs1Rv_lJnOFRMdEuCJcZ-FEDbsgV2bG1T1QvRe20ei1u7VVt5SkQXqSL6Cdtc__Ab6vrtoYLkJgKeMqEYtqeMTgiV6fxhaQYsPoeiCAyxTPKvpEzRDcr6PeNzMIrJYUYjvsxFTkXEXlGmuuk378DWQY-jcJTKsxOG58EPjSPy9xFFPAc98ASbaB3zqzoZvltdMplTYHMKaRt9nUOYMXL5-Tbr2xw3cyqtkb2m8nui-Bge2apYZTF4V-zpGJEc3rV6Z6QzFRQh2NsACmLnBPGtKYy5sNDeIHw7UUOVkLa1G5yLNnqhFp1btUgqyboAnd1qJ5kxBOhXTOfd90atVFSyvLGb5HFsNfA5MusBXra3hR71fQWaO8GrrlZN_xzv_4J3LVAiJmFOGavEJ5c7gjb4DaHn4JVlHxWD65_og23T6XKgcSdGo2ZivphA52Ooc0U2uZJoQg0qRyXshOyeMxSEy3JaAxx5OmvFUIpF76ldn0IF9j4ap0tikKaEPxOX3gxnpVHUE86tOYE8EJ5DUfzjXeUOCRceSocmTgjox2hYNiW7iSG9Ftx59SW5Qr9wLlZm-io1Wfp6ohcI8DQ&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxiaoko.com%2F&ds=l&xdt=1&iif=1&cor=13271109299802440000&adk=2935317967&idt=237&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1656d22c737320bd57982119051cd7fce91107aa982ff942a7bdd7107137b2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5A68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
expires: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B53 436 B
234 B 302ms
302ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=250&adk=278681618&adf=394435418&pi=t.aa~a.2333419348~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=363x250&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741170&bpp=1&bdt=2753&idt=1&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daba9c157b91ba6ae%3AT%3D1699540740%3ART%3D1699540740%3AS%3DALNI_MYp4gp0YF4TTj5X8T803ZmQWmXOgw&gpic=UID%3D00000cbdafd7391e%3AT%3D1699540740%3ART%3D1699540740%3AS%3DALNI_MaOxlk-kBcvFBoVQfq7F__PEbbv-A&prev_fmts=0x0%2C1170x280%2C340x280%2C340x280%2C1200x280%2C1200x280%2C1600x1200%2C160x600%2C160x600%2C728x90&nras=11&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=619&ady=4533&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&psts=AOrYGskFO-QE1O0Y17GhMHbq8iKHN8K-TTFIQ-wh76gpgNq6ZXXHU0qXE71icF6SrhuWcbZPA7kNCc_9k-7YDgDdzvLw&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=8&fsb=1&dtd=659

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7230f9aed5b09052af2a66cb6b89ae23545c00798b3e8c15d4baf0df6cb8f6b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED51 624 B
242 B 199ms
198ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe_g5gEENe2yZwEGPr3_vcBMAE&v=APEucNVMxCqX53FcY_JF2cM4cYnRPpDLqyoewbtcbUbRgik1VNwwPYMNq4cy-C7wc6Tohijul81pcofoPEmiRtquEvxvYt5ut90hwRuEDMAaib9UOaXqJRgYH504MHEpZ6R6Hwv1ayVZSGiUiQrYwBi-VrjaSJH4_KtCZ-NvPSHatHAxED-FoIM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame E07C 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9286
x-xss-protection: 0
server: cafe
etag: 5170786266788330719
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:05:24 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame E07C 7 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:44:53 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E07C 0
0 65ms
64ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshcBcFf7yilSKdA1MFCeLZPptodmwXLxVj9F_rssgIRkoDMyN-gbdNW9tdU2h8CtsA492q-3sfvSvQAyCWFEOm4ziYakqw68HsZhCyWcJ1i1v56P_C2DWJNhi2rXq12gU3pFHPI-bNl92cKa6Gy39QIo_wXoEOraA7MhWXZTs6BdQmB7b_48ofuN-NHtwlq4OhyslxxASLBsg9pAvJcRip80s74_lF6iRl3aNwl644SGfFvytfRTe8b-bs0P1noJgJ9bYa0PmTQpAEw1ywRVmNL7M6dC4a-LVEHOV1nw76wEVYuAzhZSuCzbXTnmRHV84WYhHRl0_W7KNeY9PnVI8ppaGiVeCa_z1fXWI4CQglEaStd6fW7jhTDfMKYCtay7TfoqgaGdu_ldxW6_2nwHtEDTtwzbChuSx130DoP54BxjvzGiydHynzZd9OQlR1crfhnhzA58AIlZ1F5kC_vYlzIj2ah_zkzcTwqWAf04BZaljB0Fodg3DQn2xfXb9lERDu4X5o4j-x5CbIHf6gdgDPL3GhkOwa1_GlkrIXKZqTfibqEor9kzqvont5is_noOWjXlxYQvWG_1oMfW_s1N5iyHLcDGSgebPV3pOVNWXQWTNbbgZnyadEGnAgFw4DtxmDer2RWdnIcrhTCma_k7ik4r8f-vOgXB6AwQ2bkmxLXg4qGuTwDhfurU9aQsASP3_-aY4SDetYvz7oPNambDc_lp44o1F5dWERV7ZJOge1GFbBj_XR9LVni60IfhhPdEzkl2mEJOfgbGYxKm06B25j-UfNd-zUpNpdxds5SHAKJlP5GPtr2Mei_knb4I_710ghtS7ICcJlS5mvDl18H2VU6Y9Dn7KC3AyL3dMF42MdkCNlSqAzM4IJ3YgPxQv4hHBKOLkmwmqbEQFrmN9e1Df6qgflKJ0zfGykk2HHiNfAwGSDZ_-4NoszXizei6yvck6AOfQ3krq_4IgmM-_NXcDDD6Mr2sGLuxe4aLnuAscjxG07mF8a8HBDZwULrQxtpOgF-9eesINk9kgbPwQPN1b4NhcSNdBKEvYiXQ_MFgBVEli4MvTwtZQnZ53X19NBDDqKXM0ETzResUjrsPYWkvZCIL3rJJ7bxJ0hojm6MWYcaURWhM7mvakOZLY_dvzx0hUc04UHYs2FGI-o9AoNgNBboJMsiKwu7Jg_7JDBa8EyeCpqirrzjRcZ03k3-Fjq-FndouhdfRXDzs9Bh7FWINKCg-dGyUKiVuunxUU05daluD2UONen_icGmJzvsOq72hgZxf1NdyCF4BRkT_nNsPJVhswe3N-5CytakSVDb7L1tawpEQpf2KtrdvU&sai=AMfl-YSAQDNPhDZjKW9DNl2Wku_cLrGPXu2hsNbw4Wvvn09QxhMWPlARFDqWWx2fs6RsY-K029hGgyHQbGV--Pm7nCCNR0A0wH9yyr-pV0DiqbeJEKonIbXMrdLmtDMbHLfbGZwk9CG0P7-cef1akgwCf6Emdof13XMphab1k9nbbNPDqiRbG5g8zziqse86GZDCa48lUY6FZATNoENwUK3cfP74JnRih-owdPQfVD4ljACS93DXIMC_2mT47w8dG75GtBkDP3OCvXr-FqzODytSzH0fo6ryTvOwIBjWn_Sl2vd0dGNIHC0LuNoXJnyWA56gVIq1UYeeJb72wEuPoAp2GF7IHG4kp3ZCmPcTyzwsK2PGc2ON7vQRRm5mRRbb2oGMUha4vpgmrEkMcsznpz5FYvBQIpyn&sig=Cg0ArKJSzHlkN3izjKHGEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231106.47813&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E07C 41 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame E07C 3 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:46:13 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C0F 1 KB
643 B 99ms
99ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 80224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Thu, 09 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame E07C 20 KB
8 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:02:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:02:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E07C 0
0 38ms
37ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXyC5u2WE5z3lMVgqNP7dpIY76qLqf6iKM0EcAG-75gxcCQseF8BzcfrjhEF0E8uRb4O3pgPxvfPnvUrMNgcOdNK2zhQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E07C 190 KB
60 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 14:39:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E07C 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxz7j9Ey-K5bN8Pirw7HAInbvjeawRV3zluzwwemclWgvIpw-m9iVMa_D6OQFbET-PGIyg0v7QdbwpVPMpUpPz4ddJZOcp1Tb1L85qIT1oaREmXtE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14505847120283536054
s0.2mdn.net/simgad/ Frame E07C 279 KB
280 KB 353ms
90ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14505847120283536054

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b815051cbd9111e463570479d5fa2517f1a7d6c632eda6ee995961d3f983a6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 18:26:02 GMT
x-content-type-options: nosniff
age: 72780
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286190
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:42:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 18:26:02 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 777C 172 KB
61 KB 400ms
21ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 07:14:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 777C 11 KB
4 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnrRULXXxvRRVltGKTaNAkXEWXiYsbb7mVCy95pfzRg5UCmOmezozquz4IDhVsKOEW96tuAtNYhuLjCJr-o8cZ6mC4ji5L_QCzTRKIWVHntsfQrzrp48b4NKZkIY7lazHE5Wdcs_CSmZAXODvX9_D9EQrjqsp4ibBZR9C_oGtoqJiF0NRzbH9kDgBJ1Xh33lZ77GOs&cry=1&dbm_d=AKAmf-CgXNpXd1QsUXp0LpEFomkJaVjwg0d1kyq1cVsT-lFgFnJI5mGq1Tm0KwlUWTnVcRsjFHU2l6EHzrRbAmPD79-P8feM4S_b-GYODKWgYVzH-03Tf5Fw9oY-EDw8sDoUxJZn3rKokDEuuOh3W3pPkRqSHAbfYO6wqeI5WbprfRHICkUml572VxG-_koC-ziOHkMoKiNBHsC5002YubXHqHp3O6gnWOFLaO4yUiaNk2ZZNhnO062D0PQdrAeN90q9sBUOk1IghC5TAnAEOe8VQ3I0y0lmzzwKxSQc_GnblxATSebjbGF5P2VtvuIaF0n-UyYb_HlBGyP_G2MXJF5y963IoyUYGzQwuvlAScWCmNadyijsEozBl0wOIGxy3XafThA3dT9CYPy3t6XesdR1nSWKWQQAh7REQnb1Qz8_xoWvcSD6HDhXOrWSp-pHfgh6zGmzeZXXAj1iiZEQY2i5E25sOaq8GHyOWSpbj3WxEz_JGbIq9wXrMHJbHafAD5o2U1l-zep9pVcjlkclFrv20514d1AvpTN9Z-ho8N5Dv74NdRgOK1qGtacA7ct43_RjbnXwauSPfSQPMBDwr1S1nr1R29ay79jGNMuLbjgGrRPSaJorv3dsz-E_M_eAuQqspNJzKjlrDhU5J13Mu8_Gfz9FkibKYnomPVLRIaESDQCBpx9kItdWmGFCC7uJkh9ncv9qzHlSsZNhT_OAp9mCgsbE0yU5BTeHCQQ0EfJ8x1CUyHIdupF3ffR-DdSUu9OLGKxpBjPBMe4CrmX4UbkIBsAPxGLKMk0VtkR3zGHZx4XFtQfc8C7fzpkEyQV6nZpiO-dag6PlcjXTsj-zNDss8IXkuhjkzE7Qj_VLF71x2ZaIiTjoQWwxzlYV6pnXdDXjn5ov-L2qcNF-zyXlxtJUjyvqCcomhevuParSwNnZmElXia8w3-gDZKOX7k0_e2Zn2Go7myuBZFCa6O8Locb4_8R0qTLjzArRV6RrUDt79P_R2BNbrcuuSwpgORE1_QMzDhS7yh-pXzuFM_crMtXq2cL_IERwCldLWfL_qT98Sosf909VkQwqvufKOuuiN7QFQdQMM_QXSuqLRhvvq1IcqfqIZlQQyRPubQvL5-0hgoVa_ngC5qcQ21nUBWBjBlCB1-4i43NeHKyrrPRk3UguY1tufQX2x9aON8vnNwx9jS78l0TYZ-ibmaNd_lUL1ybwevrT9gFkWOsILhQNCBsqjOkvn5ffHZDG6Z9EOKBBNsATL9lcLuHUAtko-6N54rCSYjCS4UVwOERZt2NUJlhm1NDP8XnPX9oq1hbESkeywf5UDMpX5N8-W_U2iw4p49UEmWTvdKlp1HYSkr78RHduIe0_iSeG_pV3NgoXUE06p28JrElu4FJZmq2jKtHHUoE_Fr-N_xe0uLVZH1hMa1xtUYQKTB3jPq8Z-IvCAsZRxprGzYPwL-GdhQsBpdS6Ih5ZlIoHPvPRbJMKY-nChDDh9lsFQ164rlCy5rJugan2uGs-RqPPUbT3QKSiinF5Yyjo5jsl1GJvpOCp76tXG_iviI4zew3oQBlTP3406wmUneom_Zy0-VMEziHwVqfYsd0UpijqnkuYlhqLSLxtLULRjAZgqc91AEVEHKC_5K-0_j8_pgfd0k3sCn6Jm1aiUomkULyPhL3U2ID3knAno662KWobFTQKrUMHV2MhwgkNbNGoCiO2GP3ZlKWe20_0mzRCd0QviGQTmovb8l7hx-9Z0UbgGQ7pgjWflhS1johZyPSm4bCqVv641UwBKSC7FrYGCASXhgyAVAp6JkhjCWcxaPBhw78ijPB3tddyQIHv1qpJxoVgO_NNdgPbkjcJp76Cy2jnnjeWjM17usSAFYd3dB8SkalVBvjvCE9LlAyNXcoY0LWfg7bglMitYjpEcTUvlRDHNXX0K_hcdXng_jx0nKItZmCHMkLako_GncIkoVO2uhu_r04xtqZcReQxWn-yzK_5WQNcoFrpIgT0J2UsB9qJBQ4llXiJZrivaiOkfBGBRc_AkYEw_rx72bXokhfsH-hyxg6ZEEW_r1u2p2jbfx34nejJnd79pIErNFsHT-g86eIH8UMJfzbLLK9498BTPIcpUorHj6f-HhnLZOoM5iWNbZ5x_7ofilMHG6u9pLcFU7uqIJoZC8XokMzv3s8lL0U1F5xzSVb1cDygjhjEncegJW6xE2KkaE69jzeperv6Tu8wKe8bkLWLgY1vKL6Y1AUVTZeneDRZTr5-Ef4Kjk3iz6YLEKBiG0QP1HIozgh77WhmPwtrGdKcjnTCg-X5tGT0V7_UtvKbxFW4nUztKXVxmvscfopDrkYlV-lyyWVLqiqO79q7QGhIi5tneahvj9foeTZQYkmv6feFF4vttNuPTgO6jj6GEXiY0aKw3ffwo81ZiEgqvIxGjmRR2u5Y3nlKTvLBlhLkmUIiE-xb2RP8aSlR2C4BVfwwGSDQ8Z_4b8HOhelHNr35a4z-HrC4QY67CFxaIaWI-cBx1oLIev2dCpVyiO1mkNJzpGu63HRDlcrLWTeAvWauvRt_-8qmgZHBQXt3dx2BqgGfrp-WHS4hewuUqCp3GRxfkkhpPscfXhhWBZz6OtjFgUSJJgOliS8GcJT3vK8Tw421Ik7ABBaM3dgQ_WwcpxRrdyGJUWeXYKuEmMQkEEK0YEBt3u9DkQzk6tY0eBkrH7Uuua2vvhyh_bida0fln451TlfVa6YkgT8KFQTCP1fZQRkbS6TWX0Pvu0ibeWbUE4u5PBwjLOilOdJ_-t053XDuccgBJ6GJQQUtmoKgkFLFJQ6HlVsDGqj1HMZatB-NxVh1_La0BYRlM39cpIeU6oWT6QkmVl0tVe5U2ai8tmZL81truMTPVk3cPLgIqE25x_PLdF9FSHwPth8NY0Tf8XJgFifq-XmQ-LWa3E_ptg9xEElpavbIZ-riSa9z6m4G24Rw5UXHBe5O7uyk3Zdk3S_J891NQMSrzid9966AIYhEJkQ3cG3zarlfdYpTPTTyRxCj4-JSbrIav12maJZZR0SBfyOWh0ZTiT8CNUKftXqXNV1UNITsV8rhBR-ZKRWQ6vXQ5fV51-kr18QoGSO85g-mxmFKBcpiTtM2QPCadflO3_jBEGQWorNmH6e4iJ1_iTKB7JBtgCle5DDj6-4SwURnymMYWdfVBWYNCq3E1PgUQOaR5ifW2yvHfUhj_93JWjvCVEYJC-f3EzjQpqnNSoaOPwu4D7lcXCJrtJE4l0McdwC_xlyUru9XUVmRI9qjH8zK2nzy8FCwaXSt7YVPQ3G9eLl4j6AC1DtcWlhQT3iEGFtVmGA43qUzQbBJOk-_ei7OWveHlz4W2uOcjE09hzFHnH1EgeuA12o08fBUMAlY30SFa6lgD9Qgvt_-W_P5iIcz72Zvhc48DKcRnadma-1PF4Ocm1pTwucJxThVrWsvNX-gyh7tjllENXCTMV6FytjfAmTPbx_skW-orDcOFpXWfOPrnH4dPqM83vfPDo6tcLNeSV6ByOvMeK-ooHOarKXL38WFAkIfTwuGJa5Qa_R-pwORrIxFI5iyOE1GdaXlbWuQ1u3b37AZj06hlraeTwVqJYjUlLx6s7JPqh9Fm_60S5_LWvv_Or926TcwWlh2M8456MA4NjGRu3OR5q9N1ewhWMY9p-2C5Kk7Mi1XcGapj-u3xMZyL9JqWa1qKRD8RAp0ROBqRG-ZO8fOAJrZ-J2LTch4z70JvvH_j8SXNS9hl4l4zLf4ktoDGspGj1A8JkaAoxZaMwEa5LUHd8jr8dQacr_KoRHAKL-Rmdf3NGYmLIFQbCQXqll7fdN_mgb2cOJoyVTtVzGymP5sm5sr5ob9aN5caWcaCMKxITRq_IH32gAuUeFVC3fOUSKUqKVVC8RF_3Ot73y1kVe2hpmT8WpQ-tIHCkSqXimQzQdR0zIltZmiklXdi0YNjgUb8KDqOlGQ4PPgkbIxnphRCCSA9c7r06SatsmHb2i6tMaHDZzK0spaLZGx9C5a7HPARqZEFvCZq8FjLYLGeRpuI40um8oxKfD-AmKQH_qYsY4FR1eEp8EgPQSnls9VCOlI4dQtWzswhbj8iBoSbNm53mfq4YjonNYAO29KbpEuG8LQeEwTuO2KWoHtEfmAw6Q0VDLuIbxr1a-rhBLnSuolvlhMBd8kIwJFwxI_xrov_w&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxiaoko.com%2F&ds=l&xdt=1&iif=1&cor=4850034070412580000&adk=2988274607&idt=145&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 777C 31 KB
12 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 777C 41 KB
14 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 757F 172 KB
60 KB 403ms
53ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 07:14:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 757F 11 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BL0k88O8ptQNXP4Xw8bmNfH9BZXK_FfPcBKvx1O7zsfBzyHxeAPxOQAvmO12VFJLQDxKF-p-7F4NbO3qprg8BDTrv6MTVmC0nxOrUfT0m69tKlm2pSEXeDZrieDKcMLdP4iPk06mJWa_YcdzilpSuP41IK1fF2UMZnI3oF2yXoW55xt_H5Dvk7Wgvfrst5wCUC58-H&cry=1&dbm_d=AKAmf-CBDRdkpoakf89N2aq0KC5EggJjW6txTlff8I8qyGXC3pjgBBufmJV86GSEAsa2Fuh4i3T-_JMNOkY44KPRR6jTY1RTTkLJQnLh1Nqm6DCLirnAn9Jtv3MW0Ka9JslK_FIQ7wQhFfIaR2EHjvvtd_jNKyZTsJFCoSX3_uwl8F3Gr5t01ozPVtvEMnerOkvCUQp1dGzdQrsYdRmGY2ZMMy42E43nfpsVGUlkIwThjWc1-sGHiX90A1QBHsljgaRzAIROEUXagC_JNjIwV7-3bk-hjo9IUx0BzXL3PmvlsXbwSuohkL2QI6HPzwoYQ59f8PVz9c0Kkr6mNksCrGGtsy8Q5_u1T9lZlfJr4dWghMW5PYT7fzE-KgACauGApjO7lQSttPJi6PfyqSIxIPHxztgmTsMcxmixu3zK8h-4WIH6os4HeAQtQgv105TPoQqIUdwr6LG4Yqe2psbiVWmTuqTJdQKIJ_eBOtzl76wW6uGdkvp_eD67K0_PjuWKdDm0araBoZzrmIG45rTJuEF0CdASYMdgz9X4wn_QCGaMPsXUIoKrPRwA2UHt2NXbEHSYNtm6r2yYUNX1r_rcvP-VohMNndxpaX-dlVN3VPhDXuAYjHMeq9aGlZxdna5m__XJXtRFnt7WwfGE_pmYIboq0RuhGwzRaxT4g5Qj9gomXIblrfxAn5G2ING6qDFJD8bgucLl2QzH7W24Rh7MFCZxItvU1U4G3wVjJ48TjuLot4gahwXSdQ0OOloyLUxEBmLwqmMBJOtS-kc40mtxa7hs0K3zHnmcFZG5W7lpdYgpSMPQN9MaLRbFMU1wbfJj_4eR3aRwFUzfhGgkzijpte9lNo4tG4wql12VaE2MhE9jY93ypWry_uzJCdY_RteCjYb-lkr49FWv61eacnZiij0DvvLnoHbHbfdU15IGQqJlpIFFllMN-FRyEiQg0d0HL7rCmkDVfWtwkbuCmtags_EXoJIAAsz3nJ9v2yM0eho1rxFztpfyGwkYTJW3IJZIoaJapxAeqIvMIE_NypV7OHnhmByogfBlhATnw_y35RDgyQOtzxfgcuWFyk57gGdHdSaZjbFwL0vyY3UIm9OiN1dcV7M-5x2hmxtRcjqL_IShy9SYhGy3J5ID3O24VuRO3swdLg1QWZCsR_oFeZnjoF5YUUt6AsrJ8tPrVlN9nYJSQ950rvoFhvMNxbyx3l885Tbx3Yw40Sw5fSxmBubl0CouG5KskLO9TlN2iry0XfSpj2ncqDpSeZrwr5jMmCAvo8Tw60YapTyVjBhx3gNoGEqCdw_Xzs4IoyswJgS12acNHg6CJs9IVHIFeJY0D20q8OKvD-FrccPUn-Hhs6Ct5p_tHLIST2crUC-zLkop44Ggae3egE67X8lrxlGs_YhZxQ9beqhUB0HC0uzmG4GQfiqgxQD17erJQGSFLSrrfhdq-p2JSUky7_Q_lft0N1f2LGfdJkeEVqmrGwiESKp6yIrQY79U32nm_jt0QFxwB1C3uUpeo_O1Kw6nm1VPlKL8WCYo89Q8Q6f6-bYLBNvJauiC9-G4Um5ZSeg0f0JQpXfDaLL9IeQxZMHtH-jkFVdWFnTJW7qM42q78G1_gM1hSjtp_aWJ69vkPTVtJhyH-EEWTg5qAK9ZHyY0CEBCRuxC1vUQ5TRhd7p62rMRqwZz_khSJ7OQOnNMYDENtblWHNbQGw2wg2kIVmpaZk59LHDpC9S5fuENei9Qb2W1vbY4nPhTYNQx2ZxhSg9daCe7jTpXLVNo8krWdMKSNJSRDs4tssITvUGPoi3SRpv2B1FZr7ZaeGnfaK5tLVITqaG7u89vTMvh-zUioOIOzqJsOhvBsYwD7SDXLDZYwkZiBrLsiu8IEKD56hUx5IvaZfX2D9fGopIHfXn4TUeuBrYCiqlbtFb5OpninhdKCtUXks3_3qn7Pu_WSM_USfGj4XdauqyMcP12cOFoc4GOwOIGYZgq3LmCJ0DZMvoCFNnuIMPCXP2hrEpoiVUpkJzmuESH-sUWCrO2r-GbQuUqQem-bj4SUjF2JFhfkyfUMIZn2AKy8QMgf64dAjENrJQf1etCPaHC7M__Y-mxrjo5YIzSvHhrx6NIAF7UX668mcgIypSp7og44ga8vi9cnyv7kyG-KTTgZziNpnJ91_TuvrX0UALM_U8VdRpsSsM-pIaL8ZjYJTW-IU9tb-mv10wFcHdUi7QU4jvG3556QcV43RReVkzymFHtLjY_m_cFWNRuk3VNX-L2PwYKL28HcijgJPpXrvVkvH0iDRxms10ADbzLSPZQquMHTDU89O0hguqVBe3Frf0b81nK5TclRlJh5dUB2EIOvI8RhuAF17ocugXMjBbY703pEG5siXFyWmxPyptQf5LCWuVBmDaIm_YKj3gMlFTzqLWfDHkuoiAtawnrbiTL4nYMxTOLyNofi1BU1Uq_14pJ49Zz0WzD8rzMYaCXZtv_Y_7sNFWthNzWPqU_k5LLE2-aamj5BUJZ7ZV4umCAjXRsZtFs3zDjOmyb0f5xjqo8Nr8yGpDSgQPLVl96fBXCa23DJ1h5lnQL1NBWm-co929_BDa1qN0lek7b6hh-Ii6hli-DTJdNErergt5jRVz-FAsSyrClsqPJ4K_LvarMo9_RkZPt-ScjtkDrOnOIj1Q1kkjV9hlJTf1xQwV9TwAvIkKjMYHy3vbQoaXg-5XA7RVhcc5vKUdl3jYW0Ou5zSQBxKk12ZOJJD54auhfr6wo2IDEp1nDqcdWdYAThkyjSsxsae_vE-3bDqglFoE2F4APZ00nbeaVQ_7B1Q8RiuzXVbnMpT-Q2L3gA6zTG1PFFgatmRngB3dYGoAZTzqV-JuNh_Ye_8hcxi2f_UoZXytw27mAyQggE293MD77NWfeVT0IuO_1ZNm4C33ITAWNb1bqeHztjfJkHVu6WBN9Zew8oPvd3LDJT0h7K6bs3zEutSyF0R9EISAGe5pmuFH3xCiIo-zuZx4Antz-VC1zvqIe9XTl3k9KaV4FefyorgXS8lqyoy4vzt_Q1PZ_1PaG4ll-W0G0aMr6XcLjSOxyA7tzxiOduaeLXGlLUkncGzaVAqiJRX6FiIIW-b6ctI0B_5Q6FFCLfRESOB7LmsmaNMAu7VvZkT3NkEHLqhqXBjpcnnQ1ke8A4zhC-WPTprUH_qnVmMvsnNTLtBuvocQE_j9EPwr3UPNUdXKxhisvYF2d_7zwIaL8nLPsG6vrHCHb7vYJE2qAjqNZ19XcyYuBgGP5x_ZXO6vMFELlSQ9X2TvzfZ7odmLnwMBUEkaou1rMDZnSIgEnvRmHowrLh_BFLhYFnUhDCmYyPOzXiAb-67_XarNAaFkng-AbiqTVzXH_qN9O5L3D6aLtnRdiJdZG3D-ZayzrYZbB5POZ9wEa5NwbOX9gp9BbwUybqAfegzXX1bPHc4zVxcraKkfdufkCLY5D0F9TugQ4U1YzY5346SC6UM2TsAluBNKsewoArIO9ADJTaVUVK9FULCgbMXg8YoFqxgs2j514suIrvThhu-kJBKDCOErfLHb7UcVFyu4NhVdiz7iJw9cOUyr8wBi2wfWu1Md_GC6Ae-Ts7KVmj8vs1Rv_lJnOFRMdEuCJcZ-FEDbsgV2bG1T1QvRe20ei1u7VVt5SkQXqSL6Cdtc__Ab6vrtoYLkJgKeMqEYtqeMTgiV6fxhaQYsPoeiCAyxTPKvpEzRDcr6PeNzMIrJYUYjvsxFTkXEXlGmuuk378DWQY-jcJTKsxOG58EPjSPy9xFFPAc98ASbaB3zqzoZvltdMplTYHMKaRt9nUOYMXL5-Tbr2xw3cyqtkb2m8nui-Bge2apYZTF4V-zpGJEc3rV6Z6QzFRQh2NsACmLnBPGtKYy5sNDeIHw7UUOVkLa1G5yLNnqhFp1btUgqyboAnd1qJ5kxBOhXTOfd90atVFSyvLGb5HFsNfA5MusBXra3hR71fQWaO8GrrlZN_xzv_4J3LVAiJmFOGavEJ5c7gjb4DaHn4JVlHxWD65_og23T6XKgcSdGo2ZivphA52Ooc0U2uZJoQg0qRyXshOyeMxSEy3JaAxx5OmvFUIpF76ldn0IF9j4ap0tikKaEPxOX3gxnpVHUE86tOYE8EJ5DUfzjXeUOCRceSocmTgjox2hYNiW7iSG9Ftx59SW5Qr9wLlZm-io1Wfp6ohcI8DQ&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fxiaoko.com%2F&ds=l&xdt=1&iif=1&cor=13271109299802440000&adk=2935317967&idt=237&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51420
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:22:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 757F 31 KB
12 KB 151ms
151ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 757F 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8C0F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJ1CF8mGMZOtHFSqaYjtzUo&google_cver=1&google_push=AXcoOmTtwtRbb0n9eyvRS5LYDmJBxp7t1ISUkWq1VDQAhXe72EHOrdRG6z_HrEZDY-jJGCr2Rcb5_dEbzS3HThD2OPWU3qM1Q0wIsA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkxOTk1MTk1OTI5NTYwMTU4MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBtXMeZ-osRFePCrxMkI1fY&google_cver=1

43 B
398 B

60ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBtXMeZ-osRFePCrxMkI1fY&google_cver=1
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBtXMeZ-osRFePCrxMkI1fY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8C0F 0
104 B 574ms
235ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPBWNScYEdRM4Hsr3HD0zDk&google_cver=1&google_push=AXcoOmSzoZI_7clk1lPTyNSBPC5u-ttC6QSL_tWZzCiHDG6-XE8oQ-ACqfSK2fL8YNYg8Tf0CcT4uxyGgwblgvIeEm6402mIND7B6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8621947540976182&output=html&h=280&adk=27915097&adf=317105336&pi=t.aa~a.2362128664~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1699533523&rafmt=1&to=qs&pwprc=3693813966&format=340x280&url=https%3A%2F%2Fxiaoko.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699540741165&bpp=1&bdt=2748&idt=-M&shv=r20231106&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C340x280&nras=4&correlator=7412537564534&frm=20&pv=1&ga_vid=1157778530.1699540740&ga_sid=1699540740&ga_hid=1189244001&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&oid=2&pvsid=1101596155732342&tmod=522167334&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C0F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIOlPLAd5RYAW-cWBDRlHE&google_push=AXcoOmRF2M6fkkCV1U1Dm9pQYFiA5e3l062icFSHphxDDQAeoyMo0R-Mea...

170 B
188 B

29ms
29ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIOlPLAd5RYAW-cWBDRlHE&google_push=AXcoOmRF2M6fkkCV1U1Dm9pQYFiA5e3l062icFSHphxDDQAeoyMo0R-MeaHaKkLtCpRohxdKZd0d-QYV345GjIKppy0hjfgPHrvlFCA

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ams21050-AMS
pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1699540742.153968,VS0,VE83
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEBIOlPLAd5RYAW-cWBDRlHE&google_push=AXcoOmRF2M6fkkCV1U1Dm9pQYFiA5e3l062icFSHphxDDQAeoyMo0R-MeaHaKkLtCpRohxdKZd0d-QYV345GjIKppy0hjfgPHrvlFCA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C0F
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPQ56rwjfeGhYVlEyOKrtx4&google_cver=1&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_5i0O1Qn4hmcL3yZ4mWfs&google_hm=YGbMfKNSQXSF63Lmt...

170 B
188 B

38ms
37ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_5i0O1Qn4hmcL3yZ4mWfs&google_hm=YGbMfKNSQXSF63LmtRKPJoM

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR6miNXZ9TqgtzlAohR8nGXQxtBg_lenBfn5KLXSh4GZCDbUuTPvzmuvjOlwWZALcBwJI7qc09tRU_5i0O1Qn4hmcL3yZ4mWfs&google_hm=YGbMfKNSQXSF63LmtRKPJoM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C0F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECHFqhROHs5tN7a3wl1jQv4&google_cver=1&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8&google_hm=Q0FFU0VDSEZxaFJPSH...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8&google_hm=Q0FFU0VDSEZxaFJPSHM1dE43YTN3bDFqUXY0

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 14:39:02 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSURUrGiMa2v-9Y-k5hq1jzxS4MBHiSJ68p87mKe1VEt3-ony66i_vbAolfKIN2vnctyvA-CqzshWBsSOKYRMQZ9sHCJQ3_J_8&google_hm=Q0FFU0VDSEZxaFJPSHM1dE43YTN3bDFqUXY0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C0F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKDgT4nkQJ9uwlRGgdCfHj0&google_cver=1&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0jKPRj8A&google_hm=eS1rMFlLelhkRTJwRXIw...

170 B
188 B

34ms
34ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0jKPRj8A&google_hm=eS1rMFlLelhkRTJwRXIwak5RY2VUWE9iUVZ3R0tJSkcyNn5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Nov 2023 14:39:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRytLAClNyr_YVuGPkfylW7F6X5j37QIhQ8x99myHVj5FNrihQFXM4wAU9lVPdCEupIAMmyuOw1gCjoTgdZcuqNNX0jKPRj8A&google_hm=eS1rMFlLelhkRTJwRXIwak5RY2VUWE9iUVZ3R0tJSkcyNn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C0F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE3NFGtgcPV00rcyiIV5tAs&google_cver=1&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTe...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE3NFGtgcPV00rcyiIV5tAs&google_cver=1&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ2OTM3NjkyODYwNzc3MjM0MQ&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0C...

170 B
188 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ2OTM3NjkyODYwNzc3MjM0MQ&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTeJ4w--Dz2wgksi3fk-Pj4hAQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ2OTM3NjkyODYwNzc3MjM0MQ&google_push=AXcoOmSV8T5QzKnfXeW1xpTVLTP9LkApFqjNfWk_HTGK5OcSiupC_TcFI6HNUMzdtWQzZJJrqQoL0CTeJ4w--Dz2wgksi3fk-Pj4hAQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C0F 0
12 B 56ms
56ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_vaAWhMWQXNyMNkRoe_uY8Z4AJJ2VwxXDo4CsRPENJqiDeNQJL3vTmXGer5I2uEqC_Ox9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8307 38 KB
15 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E20D 38 KB
13 KB 23ms
21ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 541482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ED51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1

43 B
738 B

45ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe_g5gEENe2yZwEGPr3_vcBMAE&v=APEucNVMxCqX53FcY_JF2cM4cYnRPpDLqyoewbtcbUbRgik1VNwwPYMNq4cy-C7wc6Tohijul81pcofoPEmiRtquEvxvYt5ut90hwRuEDMAaib9UOaXqJRgYH504MHEpZ6R6Hwv1ayVZSGiUiQrYwBi-VrjaSJH4_KtCZ-NvPSHatHAxED-FoIM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Xw%2FGvBVB2Fbz9i8nGKlF2v1pfRnEPK1FH3TB%2Br%2BW7vzlUwWl%2BJs2Bgzb77pkN1LwsiVwX5VC4gw7yRxv4vuTG4Uego1l%2F0gJq8U%2BgWT3ahcc4hETHWh%2BsKVA86CwrxtJmxkZrtviQR7ew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd86bb88382b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame ED51
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZUzvBW.39yzgmWcj8pGuWgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1&google_hm=2

43 B
735 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe_g5gEENe2yZwEGPr3_vcBMAE&v=APEucNVMxCqX53FcY_JF2cM4cYnRPpDLqyoewbtcbUbRgik1VNwwPYMNq4cy-C7wc6Tohijul81pcofoPEmiRtquEvxvYt5ut90hwRuEDMAaib9UOaXqJRgYH504MHEpZ6R6Hwv1ayVZSGiUiQrYwBi-VrjaSJH4_KtCZ-NvPSHatHAxED-FoIM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1ci%2BV4WzHJp7PxnO4GfYC%2B1Vwjg4k7VY1wTmuS7gR7W%2BTnMANqroZJJxS2JLml5Fc6cs8HGUL2aTdYubnwIXVWGupIy04vE3OW5%2BRdbsfthi6SbqVIBATWbktP3onN8ZzKIkXpQD45CrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8236cd872c21382b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ235EBldG-9mo9ZkuS9L3U&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame ED51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEHknCtvesLV8RfhgSJ0c8c&google_cver=1

43 B
841 B

15ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEHknCtvesLV8RfhgSJ0c8c&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIe_g5gEENe2yZwEGPr3_vcBMAE&v=APEucNVMxCqX53FcY_JF2cM4cYnRPpDLqyoewbtcbUbRgik1VNwwPYMNq4cy-C7wc6Tohijul81pcofoPEmiRtquEvxvYt5ut90hwRuEDMAaib9UOaXqJRgYH504MHEpZ6R6Hwv1ayVZSGiUiQrYwBi-VrjaSJH4_KtCZ-NvPSHatHAxED-FoIM

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
an-x-request-uuid: af1a9edd-a992-4c92-ad10-f88cb00105ef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEHknCtvesLV8RfhgSJ0c8c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED51
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

170 B
188 B

31ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
an-x-request-uuid: 8e5d3b0f-c737-42fa-bc5a-acb37f05cda0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA4Nzc1ODgzODUzOTQzMjc5
x-proxy-origin: 95.211.199.131; 95.211.199.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E07C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15905ffc1a97afd70225284b0a50eb9971786f0d00a4c93c9adda68d6b71927d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C8A0 38 KB
13 KB 23ms
20ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 541482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9433 38 KB
13 KB 32ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 541482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 Nov 2023 08:14:20 GMT
expires: Sat, 02 Nov 2024 08:14:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame C8A0 38 KB
15 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C3E 0
0 64ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpfly-nhaSGLtvlUKp2eknJzwycD6fq2maqNHkl1sMfCqBEAUiJ492oE7SfiND683pLH9AVSjx3zAMFn3I2XyCqDanVr_WhHxzTt7v04BqIAkyXcHuPMaXvNKZSJSH103KlmE1YvQhBu7lY2BKlInr8nw0zctPJ9gLYYGeCW5DZv5tJ_pPanBX0sSeF_wFJ-pyKddRyseOYMfaemIkZ1BV8quxGOAPOUppsKBlw8IC2fW7v4ETgPTppk26bQuMsJK3XMIKeAkHupKMqQrUzZBUOfSsRRiVkX6dQTvgRJv2fj81CpgGE63J40eqRqsEocmqzbUF5kcApxShVWU6F5reuqfJeVYwNRW8_XKaSDxhMKnYzlVH3XF-3_jNUWrIju1rSKBKfOOnl__ECtfQpPdVQxZHSe87ILzKNeD6xTpIirJaTCLWASe8nRaDFEEqTFKzWSF4wx0Wmc0Ui3Atq6U1_WFzNXYkq2TFPgE5g5fHIsBCzafpbfL9QuYgZWAGNxFrm-UF0aZnv24ym42rjmA3QqU4wp7JTwbdGmys018Wm8zRvsompW-660LRVdj8bhE_nxR4DgkbqcSoG-gsnf3tPRG2H_2mf3z12AygLFkoO10WHSmFv7ApP9bJdQPH8S3k-vdkYmo8vniETTJUxtPEERtRm0pOhdeFJ8zI5jriOWXqH1qPMqL9_EK_dkutq4vvTDwyBVeO2rxDbrpq6t34S7UXwjKMJKv0u9EDDaJttMYDoSYyc2fJNEbJ3Cz2P0r-kI4s7yBAzTMAjFbx-TcgeRWQkWfKNanTRZOXB8lRgLUI1KWRV0ChOGpDLsZm5IYEYbXOTMDm6GuqLs3LnC0yvwN3l3LKs2oZkFff06EkUqdNFURLuuC7PL8iwcfem5NrdNKoxvqwdqpTJVSVa9yGS5SXzYlZoGACqtBuWUovYFngrHwtX3QV8-yw48A0fP0stMsIeSVsDC8uGrP01MpB4-v1UQRELgI4RiIQoN-menAlZDrhccIdJKENr2eUmdbZVauiVc6oL5tkRnRYPXuEE2qRPNfMe-BDvN9ayjeKMNkkcsgY9Bye9ZqkQxhjnNeml9UVnlCqn3SAAssE-qzx2PnL0QGh50Gn8U-XtC3UV6OWfbOvDap3AUUu4I7VHanmd08mrrNxzNaQfRvsI5UgH_wPo1UY59LgtsnhqWAWnfJttnIaD7zbxtnGnHI7gAaRYqQsw6UnFq7IBcN2DycIP-93kq6xLXL1LZ__cjmiciBEzYrrtlIeoMK3soUnhE5kZ-WSvOw&sai=AMfl-YQeRrH0Mtt_1kwAnrkdm_0EfE70i59GDTzX1d332ohmAqMy91zlZ1CrxkRwaEgHr5hCJk3hEE5yIBhG-b829xat2MsqS8LHCp7RzXD4StmYKw1PzW5wxUYuzHuI8wZL5wHYBgXnxD2nSA9_ZR_0KWiHy18cgAKho-fTJ0q7ifzCQ3VND25pe-ulyyLvz06cErxsggcI7dkwCh3gEj_c7JX1ebgR58WL5P56tNJDLOgeOkEFvFXNC4bHD639jHrPFb4j3gAIPnwOdWj1Oowm6DgBHQ6BV0V2Q-rAztCJmP3s3RrLpU18nLULFsvUHPahooVVfD7xnWZrVwVv57iGZGJ9U9w8UHR0CMysWOhQ2jHu6fWlOTq1-BfWvHxDQ269jUxoNLcQ9FlDT6ueWBWNR2TpEncG3dKM06AY_WencEMQakoin7QnzjHse-4O-GDR7o3HX82D_3OGpk6Wy_D4SmHk662Kzhbcf6KPWEjq-VxNjkOO5Kd-JK0&sig=Cg0ArKJSzGWjWQDTPey-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=764&vt=11&dtpt=762&dett=2&cstd=0&cisv=r20231106.44271&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame E20D 38 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9433 38 KB
15 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60A0 42 B
174 B 328ms
328ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMMjDe2yWjf0Kuv5oMRmgM43T5t4WFt6mf6xPA6W5eHFw51rFEukpYp2C7h-NJM_FXwO7ZCz4MW460OHNMCT5_nWOS4exNrsY7m9iJBhaXBycvbWE-lqJmX2J5RHCBC9GO59yEXFJ1rhi2&sai=AMfl-YRIbAWcC-ZjcQndSmO7NwOS1AieGTPhwhQTJ7umK7ILAct4NO8g6MmbF37fcEY4yhYBOh3-9hs902llElE8vruo_jdrY9UV3Es5a6g2ZyJhv2eUez2DVRonofECwk43RfQLAK1pH1wG7uFedPQGeQ&sig=Cg0ArKJSzOpM_3aF5vEdEAE&cid=CAQSTwDICaaNJPfJSQil01PNkXjnvtOGI4loXID0xYKT6RCiikmlctUbkZAJKGB1ZTiVu5T_W2AtMrkS4g_sQx8le3BErm3PAM-sU27jou4SDS4YAQ&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=768695558&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699540740148&rpt=1187&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/1827660739077033730/ Frame D6B6 72 KB
20 KB 325ms
324ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=dy4gCJJFh6&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b466af9eb2027a78369ddc1f09f19dd1ec095df1d87dc57f7b11a6bc2ab5cffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:02 GMT
expires: Fri, 08 Nov 2024 14:39:02 GMT
last-modified: Tue, 31 Oct 2023 13:50:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 777C 0
0 63ms
63ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI3YMxPxgBl-suA6E6jyA6uXbisHM1-sSwRam8omee-atTjsWIMXzZk89qMqGQt_3kMcdOaquUClRv6nwCxUhrOLn85Y1YRfOWnyr_SEfqUMA8AmSoVG21wJt-oUYOqtBeU6xUPBU0ZUcyfIMe_CrenTXval8BPerONdl4JbLC3-XNSa4OPmgeaCKW0xmYFyMu5YO2BismHPzk0HX8q7COVWfDu8JDuz3UXpu6QQ2sZAqjAD1TtuVdIp4FkRf3UxXuSLYbcmCj6jbXCJOAzIe767ctac1kdCTWe_bjz-ADedphKIS8kH9pEDn8Tq-F1N7oALadnOxyS1ikCayJb19Qac9g5NNykIF_5ISQ_gsKyGUjUo8HhcagN2lYeLHC4-i2PXuYDCB1fVDQpcM0A7JfNeDNJQXi316-Anz7hc1ZwT37_AlhmYtv0FqoZgEhPLutMNtTA4ercDa-YKmwotKuLpu7tNV6ZhLg1MEeQ04lnT7CJavfRkEJnACrOS2TIAYE62ihWb9_CoxusMCJY9dmkETOKnGPu9ATnu9QTKgz6kCU1N7WosGZm39O57FEplTpRJyKdHu63OJCwcBeyNEFvKlq6Mqg4dmxNrH7KryyXel7GvsJNTEgI26xRMXAUbCJAsWPhnSKOa4AnOnHIDIVaBD38-0A_krs6xL-JjGegH6P4-yRiu_rdo-Sb4CFTWG-e5oZpztG6NQqQbEK26-9EeofnEHftjz31YQ7ZZYqJ4OjAVKy2LuFFrPguoqWw65uOnA5d1NjWS8jwVz22cALAfvoP8XQF5fNv7WLoTX8_51EimHiU3Fhx1BUYeGIeI34it92hVxj876aCFdZ9gE1kGivg6eEhDmffgkTNhTyjSnUI_PZQY5nXoO2KKhXyvGpAI7pjpbPL_A1un1_ll5hYwY9CdpIMW9pRmdr_vg6ZmxPZ3ctIsCDkoG_YRXZs4W4RKTFxVEA44t-8K6IpQTor-KQi-fm7K3CJyff9cHjM6lDdTkPl3BNAKPXFd8H7zuLqooOwOSE7DWC2Y_uEToVdjdat9K2BPvHfjnwSHoMN6-EyuFm7PRx3-NuIUx8iprmZjW3a90SnHGvA21zYOkTSPXExs__5hdl-xp5VUy1km99jpEz3wDItjxDaweZff9MsSPk6aWaZmx8gOCZjAOcX276hEWKqlQl8MCjG7Xk-UIZX7ddlzsuiW2D8PrQR8GdttPFeurtd34JdboG2pF2x1POfHzNRYRz0qhMBWTE9j89NyINrGfCHt3dUUL7kvSnQ5OR5-9kfxRptDzR1jGGRh216x12UMm6fvIi2joKQrg5ZA3jYj5D6AnawQ&sai=AMfl-YRFJgMvJShOxwXHgCLjJXNc-6AODAkU9ydMjGoTSVfpGgI3tbyqvXN8eRW6MNLzJpbzBbGKhF0VLvl55ymgDS9MZFtIiahI9dx7v-y-oNPz3tazCn0a156HazaCNa2k9igrr4oWkSUjEzIcdabRdozhTYiZTtBTUiKJ08yC3OlcnQa6VY_EC4rh79HYdWUuXQBXeyU3qznBP5grDxPssRtgGB3AiJc2GwHMlrC9DDj23uCdXoHybTyLHFG6fVVx4wgYI-VBmdaQnTnOBIg-TK4ejf6y5YSkatJNIQ&sig=Cg0ArKJSzHbOgaCX9amlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=510&cbvp=1&cstd=493&cisv=r20231106.24547&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/1827660739077033730/ Frame 85EF 72 KB
20 KB 329ms
325ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=Au0yo4DWno&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b466af9eb2027a78369ddc1f09f19dd1ec095df1d87dc57f7b11a6bc2ab5cffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:02 GMT
expires: Fri, 08 Nov 2024 14:39:02 GMT
last-modified: Tue, 31 Oct 2023 13:50:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 757F 0
0 66ms
66ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhKfiLHUdIFcqEvwnOKkVtMLGhEa5B1vVQJGJ7mLk7E-pXxx8K4uS09dtuunSvKpopw1UYadYwLkYq3klwiiFH5bXvltAvYndseVowdxw2CLm2MLJVseV6x2jBOApNE14AQl7e3RIQLikWBLPu431a2ETBzCMOV1RyxL8yPaxDsQ5vEzwtlAdUKIFlYYX8eltSIVznZmGXk4-Ifol1U8lFZithWLc4sQJPqRywH6Pr6UEwzZMZqG02ZQTcfPw_29kEWZOT7r-RtnP-1OtAPqNZH7JxdmQi6aT586_mbugNYOrvHg6ovRUDuPJQ3vB_Nm3VrRa02lnUb7jkbkurSRWakn8R9PhGdbiio8Kj7fz_6kdFZlMPUpvr6_gKIcc1bkaBLOWL6mTDWWCpKgjvB6o8_We_6bb2xjiNDiUoCzHe0KzYDLrtDb5JRU4-MC9r5X3IoZIyVO3iNbR-xCum3Do-2mugtUsqr-6M0WlPEK33hQudeTl28wBNzf1r-wZDrbBaYRM_GYIurLRb1rWsoP3aK12qOlFzAwYovr3U20ZBhGDUiXcgOf2QBTPGI9PG7EwBq0t2OHSlDOgaWyXFhSHLO9d1rUm7ciaQH21HUC2HDF5-ifoS1fUZkHBtRNveleWrTPip_45O24HRHAMH74EUVafhs46fYz75_WpUS_yosB2pl9uOH5LPYdLRVw3UAyusG2M4A_IFM7FXY2-QWxkaaDc15doPB_HhG-Jedj_kkqlcljslmG0mZvY9NnF62lhqPL2-w0ZtBUrEP35U7m5TcA_jEoVSbkSuvPFYwi0u4_5RfLMfu54-2HRBDj_9jyBCE-vgLBzLMiZx1xzHa34tXDaz-RLEpSRd2P_vMXD-iGLA72Iz_Iv909K-XmBkPPC0ZVhpa15zgJ2ZV7jf3le08YvBSklP1TchCAEe18-Ta_qOiJi8hXolZBExsiDXm6BPBZJ9iNUtcZQWGtWVDj_E3PE3mCpUp6R87Y9VE2Q_kZ_gZtUpJRTKaT89o3RIjoeD5DNDYFv_LHiXIEId6R1-DzncEjl_cMdL-D__eQ-cC5MnbMTtFLSPKCK1PS7nAdcOuXx7epGGGJFqaJpIgIW3R7rE-6k3ikx6pZlAx0uxAbX-S9hQzj2AaIwCzplHTCpZ8tQpyeo1KUmqw1eyvLLJfb80PI16d-kakNiTz63ZldxDVpx2vGun5telYoPS0nb6jrgvGY-LM-Om1Fqn2o63Prq6DM9lUTsfPpEi8wg83Yg4dsX5dbREK_b2b_4Tqe5RiqGaNpvcWNIPAJpgg_u2gXHbhYlA0USEo1PeL2u67gNilVJQ0x1RANv-6Q&sai=AMfl-YQraDI93NYl0Lq1cEDVzJMLKw7BzlMWBcxcYTT8-kYYbqsY_pXs9nHw_butopBPlcoPrUAu2DOjb5NkxIZQ-_lwq6AhilTwvANx7xZ0laIYPGc5Bj_yOWwqYVWO0PxZajGaf_BQTSOUfD7mUk4FDtqVMiw1Oz16mrlq5YPsOiAOqII4zzqq3V1_mnnakIJQwxJKYgnrnfYDe1QwiuFExayFAYPPczkAyjbwCkAWk1wf_EyfgV5qKHYhUErez7CeM2rfFpTkiQRbA5N0wyeGz2zTR-XCPdFLOhcktA&sig=Cg0ArKJSzBjw36klGbOeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=507&cbvp=1&cstd=499&cisv=r20231106.09756&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 guide-bugjaeger-780x516.jpg
xiaoko.com/wp-content/uploads/2023/09/ 103 KB
103 KB 1576ms
1575ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2023/09/guide-bugjaeger-780x516.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4426da9093bb840e2939a3457bb4a33dd3ad043e7de056df67dc583d8362b8d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:04 GMT
cf-cache-status: HIT
last-modified: Sun, 24 Sep 2023 12:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65102f15-19aa1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n329F9JYnSsSMh%2FF8Z0E4bLaiyXWyu8YcUfTyZEm6vovW0ORPJVXfMNyyNk0L14SmZvSwRWatzJYhxAdoLeQ21YnF8SYub7Prs9v48SGolWKf%2Fs%2BK%2FnGf%2F3q6I30KhvGfDujPRBuQPCf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd88bffa692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 105121

GET
H3 200 install-line-apk-585x335.jpg
xiaoko.com/wp-content/uploads/2022/04/ 73 KB
73 KB 2058ms
2057ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2022/04/install-line-apk-585x335.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac95363c54123bfa8ff6313fa682d242deb4f603782764257a2b2f5e52f4407

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Apr 2022 03:23:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "625b883e-122b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FckUXH7U8YV6TtF700ImMnM4V1EQmr0jSTw5QBLlWJiM2AfYm9PzqhBYgzDAQyZk1uJlpsaKhp4or5GOKbDElJn260Lt5DtqocL1T%2FCy%2BAcVeBIGOGOp5E%2BDfRGhLwDCo%2Br9KHbTt0ot"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd88bffb692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 74420

GET
H3 200 615c8d30-c219-4601-a3d3-88cba484a751-585x390.jpeg
xiaoko.com/wp-content/uploads/2023/10/ 25 KB
25 KB 3166ms
3165ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2023/10/615c8d30-c219-4601-a3d3-88cba484a751-585x390.jpeg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f683a9c70dc4f75607ceb4e7b78f421e4c432ef5f576e15ecc336d57759a54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:04 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 09:58:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651fda39-6297"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYBYAqIM0E2QNFaGcGNJ611kppuMUsk6kF7hizRqzbfiNsGCpjM5AloIzUe%2B%2FDcGlmdTi8VSVKHgfeYdCyMuis%2FYyPIaziQVpIFDTii3V3OESw4G%2FsFPLIcAcYydZ%2BtOTV7kBoyYrB5X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd88bffc692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25239

GET
H3 200 watch-linepay-2-585x533.jpg
xiaoko.com/wp-content/uploads/2023/07/ 56 KB
57 KB 3204ms
3203ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2023/07/watch-linepay-2-585x533.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5999e74cf0503a998e8d7e06fa3c3d0688b7b70307620c91eda6e409fb8e05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:05 GMT
cf-cache-status: HIT
last-modified: Sun, 16 Jul 2023 10:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64b3c5e8-e112"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg7rIHmVILli8C7qJF8wGa7RIOIdEImzuxUi2MTZ6pel7nTS%2BSL7mRnF%2FSx6gWL5INpZsQx3rI18SktfL5wvAO7l%2FlPgb78zgWVhFN05gogElStBk2yoHTN%2BlHt5s9UtZ7OEZF4eiWAj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd88bffd692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 57618

GET
H3 200 LINE%E4%B8%89%E6%98%9F%E7%94%9F%E6%B4%BB%E5%9C%88.png
xiaoko.com/wp-content/uploads/2022/11/ 42 KB
42 KB 3279ms
3278ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2022/11/LINE%E4%B8%89%E6%98%9F%E7%94%9F%E6%B4%BB%E5%9C%88.png
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32784764f8cf49e2f4f732c61febd35fc9e7a513dd65e36b5c05940f15a2879a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:02 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Nov 2022 10:31:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6368de7c-a60b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGuM1%2BQIZj5f6z4%2BvBhfgWt%2FklzrGg9ibIshQPk0bprkAa1s%2BRerWVejZb%2BslTFI6T5ITggrXLyQ2P7%2BTjpTHSc%2Fpb7sHb9CKSyshMK9ZMdkVDVrVDoqahxLEsPjOOm5wL6WYBNB4%2B23"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd88bffe692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42507

GET
H2

200

/
www.facebook.com/login/ Frame EB07
Redirect Chain

https://www.facebook.com/v9.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df29c8b4468e002c%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

224ms
223ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29c8b4468e002c%2526domain%253Dxiaoko.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxiaoko.com%25252Ff13dd52685b88c4%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fimxiaoko%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=782c2ff99276e40bea33ea0532b4e5b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Nov 2023 14:39:02 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: UI1hPStm1WR4GchxFP1Q+lnFH/0KIs9DiaqkeXsODXnOnW9aySsPNg56WR9fWAFZq6hMwNPFyEKCxtBFpnDsnQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:02 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df29c8b4468e002c%2526domain%253Dxiaoko.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxiaoko.com%25252Ff13dd52685b88c4%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fimxiaoko%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dfalse
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 8xJE+iIoZrxihrmE+YHK7o4Bm+E9HaCWF7wzSrO/61Agc0Oyc4GBe/4z4g9DAWK/zx5KEBX34WphuGNpywOqzg==
x-xss-protection: 0

POST
H3 200 / Show response
xiaoko.com/ 643 B
1 KB 4336ms
4335ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xiaoko.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46873d879887ad51d476b020f0b7b0f427870c1276ee6498dc10a3d283fa6292

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://xiaoko.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 14:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DU3vCNjqu2XEsc6%2F7uHgbysf6sGrUJrjiMiKpWSSdEidHS%2Fb0SnHyk3vnGKiPXTsyYGPSTA6KkCPvlOzfQQTekYWFbfXfW3nZmIZSa%2BbAaEtDcUJJrHYDDNy9x1fBZmIirqs0G%2FleNA9"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, must-revalidate, max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 8236cd892877692b-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame 959D 50 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Nov 2024 19:20:11 GMT

GET
H3 200 stock-on-watch.jpg
xiaoko.com/wp-content/uploads/2023/08/ 97 KB
98 KB 4214ms
4214ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xiaoko.com/wp-content/uploads/2023/08/stock-on-watch.jpg
Requested by: Host: xiaoko.com
URL: https://xiaoko.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4776dc3b06bf5f5c35d9f12a5aa29a952d32d182706deeacf3c25906765f9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Aug 2023 07:43:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64cf4f0f-18445"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoA5cu91cGwyfcdQm9GiuCk36uUWrHEKTQPAUexIosaFdQ1NHaBfM74BXdB1fefYpMpsB5zq010ek2pQjihUCb6drg3ulpmvA8Mp%2B4OTNM%2FNIieMpccklVzzPslGw%2BHAJT%2BTpSHdj%2B7Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8236cd89e95e692b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 99397

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8307 0
22 B 56ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_GhqBO9MZaPwD7CmxdwP5Iy7aAAAAAA4AeAEAg&bg=!DA-lD0DNAAb4oU7C2KE7ADQBe5WfOHmK_AWGXYyJFy3RQ-uNQr8vy7wTPbY3vMvb2l354yQAga1SnTp5tj_F-bg4967DAgAAAXpSAAAABWgBB5kC9C6gR4tVUVMchLXGWQuHMHkosPV7qbc_oWJm3Cdqv_5PaLDkxAb5rlW5HuCP_MygP7u7OwRZH4-qW9zyTKl2M1k8kTjfPl6so7bcVdkbARls6KyRzC60WcASAlIyb5pdDjassdHpw7ooYWol-tuFRK66-vxjS3ocEixFfZGg5M8APWINZaIbEVOpUtQo_mZgxkZxzF20V0FccmP5Ebe_IMgdq_UGy02ZCAeM23eNhM3QSes03_qnb_DBne2GQyPKAz3U3bOd0En6pB3ZSIpKoMkX7ZX8NLAZ1ZLptjUisY8oyKMgGEdMt1Lb2eQFWdZ4KUWtJV9GJLkVvv6H188lPcTDdLb6a1f-KLPI-3zoTTXX0dbN42R20_iebYWbNIJSmgwO5Nb9JuIiTexLP1gh_GQK70vBtRIQpkENBWgXydgO6gz_wcIbAvpUp16cssF46vPAVn9EIYRB_Gla5r4gfZlocggOvycXTIz5hPxJ8QdMVF68tF6MLYl6zQErdc-WDE9ceQs5eOZHx1nJEOyrxa3g3xvOC3f4EuD-feFy5tgwk4NfFKojvutLL9R0N0cI9gK0l2K6CCJ8DZCHXBgQs2TBUE3H23Jx9wG_PiQ5y4FmAdEkyHoN6_cVX_EeCyUzmosBz-rzHsFmH_NdfC5MEqfXhzN8fdnbNfTm-I15S2uLVUViykibN1bjygHtFHIZSEJnrzffDCXs-Loy9KMfUmU0dxMvI_VObxMcnqPCLJ1W2eQk3JhP8kF24FmybQNcVtpSRwZjAdJ4uD4CT52tHKA0YMgXM2Ta_w77cyok2dM-1Ci2bsfaBppyXK5zZfPq4sR9jvwXrRF_JKn00rglfiPIGpg9-VaQcGB7lk6WGrW8LGJzXcd0J92C-DMxmd6JyeBLWeIDYB-Kus8cmJXIWMXGqqSpYXk4bz2wfmE5Ta9kfwUMhIOqXNpC979jJ9m-2pufAIkDA_LN1qJaw2PyRJ90aAeXqANgQFOPLftxOwZ3t2JtLw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D6B6 120 KB
41 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=dy4gCJJFh6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=dy4gCJJFh6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 17:00:57 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E07C 0
0 59ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshcBcFf7yilSKdA1MFCeLZPptodmwXLxVj9F_rssgIRkoDMyN-gbdNW9tdU2h8CtsA492q-3sfvSvQAyCWFEOm4ziYakqw68HsZhCyWcJ1i1v56P_C2DWJNhi2rXq12gU3pFHPI-bNl92cKa6Gy39QIo_wXoEOraA7MhWXZTs6BdQmB7b_48ofuN-NHtwlq4OhyslxxASLBsg9pAvJcRip80s74_lF6iRl3aNwl644SGfFvytfRTe8b-bs0P1noJgJ9bYa0PmTQpAEw1ywRVmNL7M6dC4a-LVEHOV1nw76wEVYuAzhZSuCzbXTnmRHV84WYhHRl0_W7KNeY9PnVI8ppaGiVeCa_z1fXWI4CQglEaStd6fW7jhTDfMKYCtay7TfoqgaGdu_ldxW6_2nwHtEDTtwzbChuSx130DoP54BxjvzGiydHynzZd9OQlR1crfhnhzA58AIlZ1F5kC_vYlzIj2ah_zkzcTwqWAf04BZaljB0Fodg3DQn2xfXb9lERDu4X5o4j-x5CbIHf6gdgDPL3GhkOwa1_GlkrIXKZqTfibqEor9kzqvont5is_noOWjXlxYQvWG_1oMfW_s1N5iyHLcDGSgebPV3pOVNWXQWTNbbgZnyadEGnAgFw4DtxmDer2RWdnIcrhTCma_k7ik4r8f-vOgXB6AwQ2bkmxLXg4qGuTwDhfurU9aQsASP3_-aY4SDetYvz7oPNambDc_lp44o1F5dWERV7ZJOge1GFbBj_XR9LVni60IfhhPdEzkl2mEJOfgbGYxKm06B25j-UfNd-zUpNpdxds5SHAKJlP5GPtr2Mei_knb4I_710ghtS7ICcJlS5mvDl18H2VU6Y9Dn7KC3AyL3dMF42MdkCNlSqAzM4IJ3YgPxQv4hHBKOLkmwmqbEQFrmN9e1Df6qgflKJ0zfGykk2HHiNfAwGSDZ_-4NoszXizei6yvck6AOfQ3krq_4IgmM-_NXcDDD6Mr2sGLuxe4aLnuAscjxG07mF8a8HBDZwULrQxtpOgF-9eesINk9kgbPwQPN1b4NhcSNdBKEvYiXQ_MFgBVEli4MvTwtZQnZ53X19NBDDqKXM0ETzResUjrsPYWkvZCIL3rJJ7bxJ0hojm6MWYcaURWhM7mvakOZLY_dvzx0hUc04UHYs2FGI-o9AoNgNBboJMsiKwu7Jg_7JDBa8EyeCpqirrzjRcZ03k3-Fjq-FndouhdfRXDzs9Bh7FWINKCg-dGyUKiVuunxUU05daluD2UONen_icGmJzvsOq72hgZxf1NdyCF4BRkT_nNsPJVhswe3N-5CytakSVDb7L1tawpEQpf2KtrdvU&sai=AMfl-YSAQDNPhDZjKW9DNl2Wku_cLrGPXu2hsNbw4Wvvn09QxhMWPlARFDqWWx2fs6RsY-K029hGgyHQbGV--Pm7nCCNR0A0wH9yyr-pV0DiqbeJEKonIbXMrdLmtDMbHLfbGZwk9CG0P7-cef1akgwCf6Emdof13XMphab1k9nbbNPDqiRbG5g8zziqse86GZDCa48lUY6FZATNoENwUK3cfP74JnRih-owdPQfVD4ljACS93DXIMC_2mT47w8dG75GtBkDP3OCvXr-FqzODytSzH0fo6ryTvOwIBjWn_Sl2vd0dGNIHC0LuNoXJnyWA56gVIq1UYeeJb72wEuPoAp2GF7IHG4kp3ZCmPcTyzwsK2PGc2ON7vQRRm5mRRbb2oGMUha4vpgmrEkMcsznpz5FYvBQIpyn&sig=Cg0ArKJSzHlkN3izjKHGEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=881&vt=11&dtpt=880&dett=2&cstd=0&cisv=r20231106.47813&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 85EF 120 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=Au0yo4DWno&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=Au0yo4DWno&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 17:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 17:00:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8A0 0
22 B 57ms
57ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BPxDxBe9MZeKAMNqxjuwPxtKvmA0AAAAAOAHgBAI&bg=!-vml-bbNAAb4oU7C2KE7ADQBe5WfOGtC3BpZhM9HPpcJPJAyUIQ44lOXu9fCqHH3mpqrYfjTwl18KjnaWEvKt4bVnRoyAgAAAe5SAAAABWgBB5kDBTQ_TvQ2Twd_SLPj3qsrj7S1pOoZHUYZjE44tC5CcMfxSHWSfJXVe8eYXEy4fnd9tIJ2-BZgoqZopIei2xyT6IY5FQmJt52C3BfaaOE1Mtnzh2Ek1hsjVeTiVUwXNtLlA2QnC5MbqBpe9pGXM2OfgDLG5W5bkUiIxGKFzqnP4YZ3VzmGYMBUT4u8rMVtOb7WCP4yLugkL3XcG6SJmIkqIJJ6YM1GYt0BVnWSoN4Al6rLHNYD1hfh7HxyodYvqZvK0CC3azLcYU9JJvKJrFiI4Hny9VUnrPpIuygSrY3y4MHLroHmMkeTMwVy4lmM3IOx6IFdvzRM5JcnQT0-eEeKxTCQdYgiOiO_NtMAyOY4WzEl7s7IVGnrPVtrAz1Y4SaxcGE_AFI8UY4dXCDS-R7vnKeBVyE_yyxSY8Ea9OwNGofpwEcKPiFtJ8Rxi25R1TX6S027euR_MN_TPpBIirJcN7YJaHV5ycSRipUMyrpVkHB2O4cFqlKERxM2vSEOOEaT2AAdn5cF2LF7r63P1SbJLma9UdSKhM5N3_AOo6HjATXsDlL84raY4Hma1OdSJ5YmmTCBbcvZLJun97TP85J2VGGrVkcIaldAEwc6BsvTZqCf_eNJJmsBeVlaqt3nPsKkk-u9rt-LmXnViGPEHCrAGFQaiCgHqmyfFzev9Mzts82FBN1H2l0Lhq2xtmGcROOHvhginfQfhLZZfAlVK7eRJjyv2vZ6ypWBc-raW80MxNiuw3KOHZS8B08KK_pf-_GOAmAc2qxBREy25R2J8rHYH-HYyoNvtVJQuIOT6EGe2cQ5h4hvj2vkq0wlJM1KsDfqbnPYuR6chXe6eUPmQyczcwhm6lrX5xBGW2iSsjaN5PiTFcYFGnsdE7KSFPXq9dZ527ET3VzhnTxhCzveLL1cpTXpEVreY2ELJ0hX5MdfkfXVGTj00BLp_ZullTERelF9CJ2ITmW_MKg_6UycPNHg0NTII6idaPm649JC0JzXr6lBisPAnXiQuAgoc2wUeLfbW_SZGuVr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 777C 0
0 58ms
58ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvI3YMxPxgBl-suA6E6jyA6uXbisHM1-sSwRam8omee-atTjsWIMXzZk89qMqGQt_3kMcdOaquUClRv6nwCxUhrOLn85Y1YRfOWnyr_SEfqUMA8AmSoVG21wJt-oUYOqtBeU6xUPBU0ZUcyfIMe_CrenTXval8BPerONdl4JbLC3-XNSa4OPmgeaCKW0xmYFyMu5YO2BismHPzk0HX8q7COVWfDu8JDuz3UXpu6QQ2sZAqjAD1TtuVdIp4FkRf3UxXuSLYbcmCj6jbXCJOAzIe767ctac1kdCTWe_bjz-ADedphKIS8kH9pEDn8Tq-F1N7oALadnOxyS1ikCayJb19Qac9g5NNykIF_5ISQ_gsKyGUjUo8HhcagN2lYeLHC4-i2PXuYDCB1fVDQpcM0A7JfNeDNJQXi316-Anz7hc1ZwT37_AlhmYtv0FqoZgEhPLutMNtTA4ercDa-YKmwotKuLpu7tNV6ZhLg1MEeQ04lnT7CJavfRkEJnACrOS2TIAYE62ihWb9_CoxusMCJY9dmkETOKnGPu9ATnu9QTKgz6kCU1N7WosGZm39O57FEplTpRJyKdHu63OJCwcBeyNEFvKlq6Mqg4dmxNrH7KryyXel7GvsJNTEgI26xRMXAUbCJAsWPhnSKOa4AnOnHIDIVaBD38-0A_krs6xL-JjGegH6P4-yRiu_rdo-Sb4CFTWG-e5oZpztG6NQqQbEK26-9EeofnEHftjz31YQ7ZZYqJ4OjAVKy2LuFFrPguoqWw65uOnA5d1NjWS8jwVz22cALAfvoP8XQF5fNv7WLoTX8_51EimHiU3Fhx1BUYeGIeI34it92hVxj876aCFdZ9gE1kGivg6eEhDmffgkTNhTyjSnUI_PZQY5nXoO2KKhXyvGpAI7pjpbPL_A1un1_ll5hYwY9CdpIMW9pRmdr_vg6ZmxPZ3ctIsCDkoG_YRXZs4W4RKTFxVEA44t-8K6IpQTor-KQi-fm7K3CJyff9cHjM6lDdTkPl3BNAKPXFd8H7zuLqooOwOSE7DWC2Y_uEToVdjdat9K2BPvHfjnwSHoMN6-EyuFm7PRx3-NuIUx8iprmZjW3a90SnHGvA21zYOkTSPXExs__5hdl-xp5VUy1km99jpEz3wDItjxDaweZff9MsSPk6aWaZmx8gOCZjAOcX276hEWKqlQl8MCjG7Xk-UIZX7ddlzsuiW2D8PrQR8GdttPFeurtd34JdboG2pF2x1POfHzNRYRz0qhMBWTE9j89NyINrGfCHt3dUUL7kvSnQ5OR5-9kfxRptDzR1jGGRh216x12UMm6fvIi2joKQrg5ZA3jYj5D6AnawQ&sai=AMfl-YRFJgMvJShOxwXHgCLjJXNc-6AODAkU9ydMjGoTSVfpGgI3tbyqvXN8eRW6MNLzJpbzBbGKhF0VLvl55ymgDS9MZFtIiahI9dx7v-y-oNPz3tazCn0a156HazaCNa2k9igrr4oWkSUjEzIcdabRdozhTYiZTtBTUiKJ08yC3OlcnQa6VY_EC4rh79HYdWUuXQBXeyU3qznBP5grDxPssRtgGB3AiJc2GwHMlrC9DDj23uCdXoHybTyLHFG6fVVx4wgYI-VBmdaQnTnOBIg-TK4ejf6y5YSkatJNIQ&sig=Cg0ArKJSzHbOgaCX9amlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1009&vt=11&dtpt=499&dett=3&cstd=493&cisv=r20231106.24547&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 777C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a64e3f383e0e12b22980784cd0dc2008e428165546260d0cc98fc11d9f5909fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E20D 0
22 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BvHxOBe9MZfjbDpm7xdwP8fGEqAQAAAAAOAHgBAI&bg=!cnGlcT7NAAb4oU7C2KE7ADQBe5WfOOKUr5sq-7dBlVYoccpFXAGTODfDDzzH3pZk8lTj99P-BLJdxuNxXbtapRnE57RsAgAAAbhSAAAAA2gBBwoALXEVUGPEmXwC5kh4F3PJzBGCNDQtrAaozf4plMSNmJgm0GO4wCSAvV3R-QmOzZkC_xO6aWR1aw8gu3R7utbxX7o-SUkbQB5N_PgGvdUsR7BHQBHUN6YIhqLcJxpLODt9sj_huBHKEM0uOY-nnbtQ-MmwBy4GIWh-ikYlrHbgvhhQyoy356M-3PxC6l_A6KnHhawMauuIo6Sl23s0jJxO8oV6ARB9C0dNHGK7FQCbZl5RJMAe0-4sfEnaa33Ib4YFuUthDtEC-_TW-PP2oO_Xz0X906LmQfA9vud6Pfuqw52b-cG6cOxwsUuJ98h-SP2OsN_RBk3yWfRuR44Ner4-8qjNQ_s4-HBw9-PjxxyfB_eV7zRXPNpvDGoAzYEzF9JCPsIkzt9cpEj6yKDOdyRJw9dW_tefVX2PrQyG4g-2Ta0Qlnm8uwO3FE4AEUIKzBMLBHi4MZcbvHKi23Utbmc9-MWqxiCL9ybWydFPgNFkz-G0-y-qPCUnpElq1VsGfYF-YXYbItn4eKl8mo_XCXfyVC3bO_E1ei_x5FOT67kUe-bT1Q49dW-ssVQkuNkyg30nGG_kMkFRnpYYLHvH9JzgqL8bPhfCFjHssF_tO1geZlJZS-XvwJIOeb9rhH7_6FBTmeTlNoD1E2eqGOg4_rMUFehhe7cAqgIQDoYvrwXXsOu5-aKWmbUd5CGIjNSGu-ty2YfS4Kg3OYxRR4rseAnC5E0R1yR_gxS_JHZEu5NTbGndcnP1aXdCcXumCTIlf8yPbvyz_xfABsrsDrllIExNvDiZDHo_Mai0POqTafjHSnpJRFHo6tiRAmx27i_cQhjRfT0HPl7C8SHU_O100Lta5EtkY9_kQDYI6TXGWCRHmufJ2ELyaCOGcPFW0HlfyzMvmeRGndEE_tZhiqP7gEE4-f7LtAWOADdGojyN8GBhGSjuIWJedjZ-2HNTATjxZaca5qKI4DiD2ceCOR73Cw34AbP7EM911IKWbn4mcHUoWO6XbSZ3pu9mLAFAPLNNfuFL_9DbF9Jlo8XOojJl71Z2SSjbYzwxA0CgTBZ571-Y8ykRfAjcnzdRfB1JyuGeOkwH

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D6B6 7 KB
6 KB 61ms
61ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59113a3e5447609d21310e8e024f9724c268ab65589d34bcf3b0dd8ad86d51ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5785
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9433 0
22 B 56ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BW8dWBe9MZZjXK4StrATFp6KwDAAAAAA4AeAEAg&bg=!R0SlRAvNAAb4oU7C2KE7ADQBe5WfOLeTdsaYEfyylCKvkx61TLGt66EzpAgTKpy6cxinN9tjtw8VAQIOxzUvfN5d6wIKAgAAAQJSAAAADWgBB5kC_9A0-l7QwbkcjDI_bbXg_LclFoDQJLb5OYY_F2FX8H1yHtNrlgxYI4gKeDVKW2gBV5b1raSkfVSmHdYmpWs5fT8yokjA3jw9JtLMCnXGVMRglZGyQJHVw730vtS8dbVnlt46VKD9aLpDRymvjG81khUg6xoqH5QAXKpC9SY7mcabZyVGex3IBOXWBM5pcVqB4kPij1iwSnaHVFS0h3usQLV7PRA2tJHxESrNXzqG2mawQaig2v2WgLEqhG8KV_iUGDRcAleHhsnm1NTnpXXjD_CZSCAf3_KkEvEpMl0PoFErfFb-nbKfrFL_c9LjsjDjOyfHlTcI-gOLnGtSoHrC_zykONh8k19VvJFwqucgtqy0hoMJAz7nKrCV8tOcUdqEKHq37AU_yqTI3EJv1XJ6MuxQnXan8xv2-KIFJfcIG_TRDdRbcs1XyO_82D6-YAc115VX6LzSNODaTV1n8BV_PF__sy1YltewZJzgfKByhNk9fRUBw3sj3QIPUrJ0c5h9Rs4eTRc0L5rqRLufZ2IuKNxG1JbUT6L2YAFaob097rxoaplkpIdmDekKnNzmP55BB8k-9VVQGwaX_TTV0RP2fpjs5gzeDczB-YSuc9ukg9niEubshlOUvZQhShq3Q5nKrag33VJVLTPLYSNAZ_A33VSMnT-5OrL-IN4wfdKTWglW3fzt6Nlu6AvBHkkgbWJsv0LAbXgpZuId4LMTQKvnre74HuOkb2P3DOiP_xRzNXEJnqliwnqv5rMTP-3IH5WDa-wxFiaZkAvTyKqYONdKr9kzsfJus8CTqwm2AIPah06afISqLA4g5Au4V6f-X5ehV3ABWXTDepbBfcN-UBNT4F_O2vp8cb2ATiTJxGef7yPJMuglRtCwdRfMByR9JrhLQxkgYVZncr3gWjafcZQS3N1B7yorhckPFOHKb8KW-UiTtMgI5639xB3LbnBmsA8Zl1ByCGEOcA-La4HeUW36MrfKoSrKyNSMLGlVJdIMiOwZYBhcbKICNxzM6sFciJlY

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 757F 0
0 60ms
59ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhKfiLHUdIFcqEvwnOKkVtMLGhEa5B1vVQJGJ7mLk7E-pXxx8K4uS09dtuunSvKpopw1UYadYwLkYq3klwiiFH5bXvltAvYndseVowdxw2CLm2MLJVseV6x2jBOApNE14AQl7e3RIQLikWBLPu431a2ETBzCMOV1RyxL8yPaxDsQ5vEzwtlAdUKIFlYYX8eltSIVznZmGXk4-Ifol1U8lFZithWLc4sQJPqRywH6Pr6UEwzZMZqG02ZQTcfPw_29kEWZOT7r-RtnP-1OtAPqNZH7JxdmQi6aT586_mbugNYOrvHg6ovRUDuPJQ3vB_Nm3VrRa02lnUb7jkbkurSRWakn8R9PhGdbiio8Kj7fz_6kdFZlMPUpvr6_gKIcc1bkaBLOWL6mTDWWCpKgjvB6o8_We_6bb2xjiNDiUoCzHe0KzYDLrtDb5JRU4-MC9r5X3IoZIyVO3iNbR-xCum3Do-2mugtUsqr-6M0WlPEK33hQudeTl28wBNzf1r-wZDrbBaYRM_GYIurLRb1rWsoP3aK12qOlFzAwYovr3U20ZBhGDUiXcgOf2QBTPGI9PG7EwBq0t2OHSlDOgaWyXFhSHLO9d1rUm7ciaQH21HUC2HDF5-ifoS1fUZkHBtRNveleWrTPip_45O24HRHAMH74EUVafhs46fYz75_WpUS_yosB2pl9uOH5LPYdLRVw3UAyusG2M4A_IFM7FXY2-QWxkaaDc15doPB_HhG-Jedj_kkqlcljslmG0mZvY9NnF62lhqPL2-w0ZtBUrEP35U7m5TcA_jEoVSbkSuvPFYwi0u4_5RfLMfu54-2HRBDj_9jyBCE-vgLBzLMiZx1xzHa34tXDaz-RLEpSRd2P_vMXD-iGLA72Iz_Iv909K-XmBkPPC0ZVhpa15zgJ2ZV7jf3le08YvBSklP1TchCAEe18-Ta_qOiJi8hXolZBExsiDXm6BPBZJ9iNUtcZQWGtWVDj_E3PE3mCpUp6R87Y9VE2Q_kZ_gZtUpJRTKaT89o3RIjoeD5DNDYFv_LHiXIEId6R1-DzncEjl_cMdL-D__eQ-cC5MnbMTtFLSPKCK1PS7nAdcOuXx7epGGGJFqaJpIgIW3R7rE-6k3ikx6pZlAx0uxAbX-S9hQzj2AaIwCzplHTCpZ8tQpyeo1KUmqw1eyvLLJfb80PI16d-kakNiTz63ZldxDVpx2vGun5telYoPS0nb6jrgvGY-LM-Om1Fqn2o63Prq6DM9lUTsfPpEi8wg83Yg4dsX5dbREK_b2b_4Tqe5RiqGaNpvcWNIPAJpgg_u2gXHbhYlA0USEo1PeL2u67gNilVJQ0x1RANv-6Q&sai=AMfl-YQraDI93NYl0Lq1cEDVzJMLKw7BzlMWBcxcYTT8-kYYbqsY_pXs9nHw_butopBPlcoPrUAu2DOjb5NkxIZQ-_lwq6AhilTwvANx7xZ0laIYPGc5Bj_yOWwqYVWO0PxZajGaf_BQTSOUfD7mUk4FDtqVMiw1Oz16mrlq5YPsOiAOqII4zzqq3V1_mnnakIJQwxJKYgnrnfYDe1QwiuFExayFAYPPczkAyjbwCkAWk1wf_EyfgV5qKHYhUErez7CeM2rfFpTkiQRbA5N0wyeGz2zTR-XCPdFLOhcktA&sig=Cg0ArKJSzBjw36klGbOeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=533&dett=3&cstd=499&cisv=r20231106.09756&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame D6B6 13 KB
5 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=dy4gCJJFh6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 08:02:27 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame D6B6
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag...

361 KB
361 KB

332ms
217ms

Media
video/mp4

2a00:1450:400d:13::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/542537113219B49D71358E26708471BAD0F3BBDE.50AE688565345B1B751AD371FB71837E9625B7A4/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:13::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6546d787c969285a5be3c3545875385746b8ecec80ebf9be07e94b1121237004

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 14:39:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Oct 2023 13:50:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-369561/369562
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 369562
Expires: Thu, 09 Nov 2023 14:39:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/542537113219B49D71358E26708471BAD0F3BBDE.50AE688565345B1B751AD371FB71837E9625B7A4/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85EF 8 KB
6 KB 63ms
62ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2680714365bc156ea8a983bb383012078202433dc2be5f8282724876158d3152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5813
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D6B6 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 14:39:03 GMT

GET
DATA 200
OK truncated
/ Frame 757F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 722bdbbb3330309de8aab188187725c0ec7ac9ccb4e4a8b8450ba304450717ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85EF 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 14:39:03 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 85EF 13 KB
5 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1827660739077033730/index.html?e=69&leftOffset=0&topOffset=0&c=Au0yo4DWno&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 08:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 08:02:27 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag...

361 KB
361 KB

333ms
219ms

Media
video/mp4

2a00:1450:400d:13::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2185072F3A1FB4CA5E739F5ED762C2DE18F6D12C.28FDEAACEA8D290DE1CFDAEC7519207004EDA469/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:13::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6546d787c969285a5be3c3545875385746b8ecec80ebf9be07e94b1121237004

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 14:39:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Oct 2023 13:50:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-369561/369562
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 369562
Expires: Thu, 09 Nov 2023 14:39:03 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-c0q7lnsl.c.2mdn.net/videoplayback/id/d0d5a867af7aa8a3/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1731076741/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2185072F3A1FB4CA5E739F5ED762C2DE18F6D12C.28FDEAACEA8D290DE1CFDAEC7519207004EDA469/key/cms1/cms_redirect/yes/mh/v6/mip/2001:1af8:4020:a034:1000::5/mm/42/mn/sn-c0q7lnsl/ms/onc/mt/1699539460/mv/u/mvi/1/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DDD 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame BD77 38 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H2 200 dc_oe=ChMI2O3D0ZK3ggMVhBaLCh3FkwjGEAAYACCVjIthQhMIoYLr0JK3ggMVMFORBR1kxg4N;met=1;&timestamp=1699540743584;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 777C 42 B
402 B 146ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2O3D0ZK3ggMVhBaLCh3FkwjGEAAYACCVjIthQhMIoYLr0JK3ggMVMFORBR1kxg4N;met=1;&timestamp=1699540743584;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIopfI0ZK3ggMV2piDBx1G6QvTEAAYACCVjIthQhMIooLr0JK3ggMVMFORBR1kxg4N;met=1;&timestamp=1699540743586;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 757F 42 B
108 B 145ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIopfI0ZK3ggMV2piDBx1G6QvTEAAYACCVjIthQhMIooLr0JK3ggMVMFORBR1kxg4N;met=1;&timestamp=1699540743586;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: xiaoko.com
URL: https://xiaoko.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 777C 0
23 B 53ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5598497176721&version=m202309260101&ct=119&x=1&cor=4850034070412580000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 777C 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWA6RTlly-xCW3GJ11SGDTOZzosFUVSDbRN7Z06Ldcpbtci4GIFT06QShDcv1-f6x0vCDWaJZOnj_u5zNYs8HkHjZdy_YyuBev1DqlIOdM0QpUEEnRoAIshlfClwNprSNSgNxQ6fKxsiXy&sai=AMfl-YRg6MYoMdlkfY3Uh3eoihCmeTq9Rx_HIIukcNUfFvqyaYsomBQoKmNcPhrnlTUVC1SrYINziwgGBmaQI0e74JpYLxsm95AC62Tj_vKqFRYv3pNpVatJyf3oZECaP9tHjeMDr3zpFzgHr-sIDWqu&sig=Cg0ArKJSzB5uPNZnk7zkEAE&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699540741494&rpt=1238&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 757F 0
23 B 53ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2718363509109&version=m202309260101&ct=119&x=1&cor=13271109299802440000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 757F 42 B
64 B 107ms
107ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYoNHJSV4KNc2vrAdQTCXsvrPVxpQEptU2nlhwcq7ftUESQeWE3sXSiBAfcRy2emzjr74CKsVdwEkeiIvn2mAoyTIxYl0K9gZnf1WuIh9BpLPe2KIRPRlFsN1mOLpLFSLzI1V-udXJJOOZ&sai=AMfl-YQQMVu5xPQVkpBF7vJ4kJobMiCFV8iK7P2eiZyghQOdUKdI4nxaZ-Yhgjj-fLlT5Z86dob3lzdQo4kORkGGcJ7xe4Vz_nLAD1wxRdjp9KT1BMGL3nKCFVVbS6DhXTEDmIdRRwdEvDzK1VoGd0Uw&sig=Cg0ArKJSzJnvo7AQtTeLEAE&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699540741506&rpt=1583&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C3E 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_q04EMpf37B5JmPvfmY8VRx0DOzbuQWKLQtyeJInYzwZ0E4kJffJrUQIkh6NxO88DsWakQlQXKRSji8Yhev8t4kmcfJkLW1gzgjdoF08AaBiVqQb1RInbXzVGrzSYMI2IpXrgmfE7eDcJ&sai=AMfl-YRp6ow1DxA5Rbdlpo3o07BDf3j9eBXG4Ad7T0G2zBevx7qGBYlq63hW63q3hFYUMU9gqaFURaRpwKTVf-uas7LN8rASJdrORatn-xlEkReJaRvmohLSp6cyAU-8-Wz83LqUD8ZhqlYwOVHvPauF&sig=Cg0ArKJSzKmAadS-JyZ-EAE&cid=CAQSTgDICaaNHj-fZ1pIPcSrQFhFuzepMRAE8sAVX8BGs1S721vevS27kjbaKAtRTys6UNha9o_OEd2a2tRgUyBIR5Fa852IpJWVcUPpLIs3bRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699540741520&rpt=1768&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
46 B 20ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GGWE9JN3KM&_ono=1&gtm=45je3b60v9127039516&_p=1699540739342&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1157778530.1699540740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699540739&sct=1&seg=0&dl=https%3A%2F%2Fxiaoko.com%2F&dt=%E5%B0%8F%E6%9F%AF%E7%8E%A9%E7%A7%91%E6%8A%80%20-%20%E4%B8%80%E8%B5%B7%E7%8E%A9%E7%A7%91%E6%8A%80%E6%89%BE%E6%A8%82%E8%B6%A3&_s=2&tfd=9209
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGWE9JN3KM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xiaoko.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xiaoko.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231106&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9c3a502d0c073dda530cc560fa9f4998de9136ef8a383dda43d184bb5268acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12193
x-xss-protection: 0

GET
H2 200 a
www.googletagmanager.com/ 0
60 B 35ms
34ms Image
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1442354357&rv=3b60&u=AAAAAAAAAAAAACA&h=Ag&gtm=45je3b60v9127039516&ccid=127039516&cid=G-GGWE9JN3KM&l=G-GGWE9JN3KM.L2235.S3.Y18.B16.E8886.I5415.EC6.TC13.HTC0~gtm.init_consent.S0.V0.E17~*.S0.V0.E20.TS5ogtgasend.TI16.TE0.TS5ogtipmark.TI18.TE0.TS5ogtsessiontimeout.TI19.TE0.TS5ogt1pdatav2.TI20.TE0.TS5ccdgalast.TI21.TE0.TS5ccdautoredact.TI22.TE0.TS5ccdconversionmarking.TI23.TE0.TS5ccdgaregscope.TI24.TE0.TS5ogtgooglesignals.TI25.TE0.TS5ogtgagamlink.TI26.TE0.TS5setproductsettings.TI27.TE0.TS5ccdgafirst.TI28.TE0~gtm.js.S0.V0.E14.TS5gct.TI13.TE0~*~gtm.dom.S0.V0.E151~gtm.load.S0.V0.E1~GA1973.465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:08 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Nov 2023 14:39:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF1F 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:31:15 GMT
expires: Fri, 08 Nov 2024 14:31:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ACDC 829 B
562 B 40ms
39ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4772a6fd4e74e50265fdc83edb3ae8b362609e21c0c847aebf9ada263094d72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z2x-y1j7Bc7OINCWF2IenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xiaoko.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z2x-y1j7Bc7OINCWF2IenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 14:39:08 GMT
expires: Thu, 09 Nov 2023 14:39:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame CF1F 38 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 10:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 10:38:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF1F 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mIC0Ng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:39:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ACDC 0
0 53ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231106&jk=1101596155732342&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231106&jk=1101596155732342&bg=!w8ClwI_NAAb4oU7C2KE7ADQBe5WfOEzgX7i55RtOWmnFWMPGgVjTwwMWtehLpkvcCQGcmt_EczxznTsN2rCNRX1Rx4n1AgAAAFZSAAAAB2gBBwoABY5DuvSmmQK5-0edDvkxpf88b52egy7XogvDO8yG88jIZ1QHu638kndYDue0OjO9DpN9vl6nl4C_TjyrT408cF_98j7zgokNESqfkcQ22ZmWf0f_ofsLQmnxqEzRUmIRKJM085bieynA5TJDApmYhBMWywU_hsyp8g36tfwpg3Kb2--_dg-CIRz4FxNJkJ9ivFvAqd4zK4I5qkUYPVpPLOUgvRIAAWyxM4AEW9-fE4h-gQ9voYbZnBci0tlLaQ3vZMwas7hOaJmPm7LY_QhfGc9aq9wRcsIF3MbQsQleELpTsbq9Ydsz5FbmEYcEpeCQtjiXVJiAhN2Hruj1OXQpwMrW6gXQe0rbecsRRU93fxeb5a1TddFO1j4lD7GcmhKnSvtOAqu4ad_Z985oaq0tOGXTZrS8MljEQLXYVKLc8adGyLtrbWzWpU37Foexq2lfYkcdhyj40OLTy8fwj_zvMRGL94CDFQFyEfe8LdpZs1goOymOV8in4vYmRvkQBnoQPNeNliB8QP-2kO7Kp1kL8_d0MoXe2pciX_xiPFAuv8op5yT0N_F8Y_j7Du0mkboxom2IWzG3eLc3AXr9JMGtZqoXfsaKk6MXTJskwpiHVVk6rytRxPDr6Exd0eZ-e-Y-GwSkoXUu5X2ab8S_WL0yOrEhiFAcDoceWOTbFXu5jB0RB--b_KgQsnmyLjD16RDc4M-tHlaCWWLvH89mD17H0CQWhx3wIxBsg0ZVxuKnbl1QLxMrumcvvLooNrnbXLR96dKW8uHhp9QSttUv5-TLPlH_-TjNCT3NApUib6p8PP_-rbAHbjXrbdfs4E1P12dU5N-VIcsBhcfrVwcUu2eZBrD2tn5_HU3ba-GY-x2fab9YeJQD9HCFE1EFBosFLFyex8fVeDlkMJJOc8392yWETzsYKJ_KAweQlwSKAQFnRcuNXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
25 B 79ms
79ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8621947540976182&su=xiaoko.com&eid=44759875%2C44759926%2C44759837%2C31079402%2C44807462%2C44808113%2C31078297%2C31079384%2C31079156%2C44808148%2C21065724&doc=complete&pg_h=5208&pg_w=1600&pg_hs=5208&c=2&aa_c=3&av_h=363.600&av_w=438.538&av_a=126842.875&s=1206&all_s=18&b=4409&all_b=336.328&d=0.232&all_d=0.349&ard=0.023&all_ard=0.076&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xiaoko.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 14:39:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xiaoko.com/	1970-01-21 01:41:40	Name: _ga Value: GA1.2.1157778530.1699540740
.xiaoko.com/	1970-01-20 16:07:07	Name: _gid Value: GA1.2.306369839.1699540740
.xiaoko.com/	1970-01-20 16:05:40	Name: _gat_gtag_UA_47922823_1 Value: 1
.xiaoko.com/	1970-01-21 01:27:16	Name: __gads Value: ID=aba9c157b91ba6ae:T=1699540740:RT=1699540740:S=ALNI_MYp4gp0YF4TTj5X8T803ZmQWmXOgw
.xiaoko.com/	1970-01-21 01:27:16	Name: __gpi Value: UID=00000cbdafd7391e:T=1699540740:RT=1699540740:S=ALNI_MaOxlk-kBcvFBoVQfq7F__PEbbv-A
.googleadservices.com/	1970-01-20 18:15:16	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 18:15:16	Name: uuid2 Value: 208775883853943279
.casalemedia.com/	1970-01-20 18:15:16	Name: CMPS Value: 5238
.casalemedia.com/	1970-01-21 00:51:16	Name: CMID Value: ZUzvBW.39yzgmWcj8pGuWgAA
.casalemedia.com/	1970-01-20 18:15:16	Name: CMPRO Value: 5238
.doubleclick.net/	1970-01-21 01:27:16	Name: IDE Value: AHWqTUnnlC2n-7xRjQAF55EcYWS6ructI2qj7y72vppWoMNUOSM8biFu0Q-2Nynl-YU
.doubleclick.net/	1970-01-20 20:24:52	Name: APC Value: AfxxVi7tjf7g1_Z8fdwcJPMbKGVXDgyWy9w8yGHLQHEEC-40DL8uxQ
.doubleclick.net/	1970-01-20 16:05:44	Name: DSID Value: NO_DATA
.ctnsnet.com/	1970-01-21 00:51:16	Name: cid_6066cc7ca352417485eb72e6b5128f26 Value: 1
.ctnsnet.com/	1970-01-21 00:51:16	Name: gid_CAESEPQ56rwjfeGhYVlEyOKrtx4 Value: 1
.xiaoko.com/	1970-01-21 01:41:40	Name: _ga_GGWE9JN3KM Value: GS1.1.1699540739.1.0.1699540742.57.0.0
.adform.net/	1970-01-20 16:48:52	Name: C Value: 1
.adform.net/	1970-01-20 17:32:04	Name: uid Value: 2469376928607772341
.adnxs.com/	1970-01-20 18:15:16	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb<pT8n9!A#F'(<j<dINiYhTyXnfi8FW/jO`3'a^PifkM.qj0sU_/k_THo/%GX.m[DlW(j#iP(Md+>)fy*=pWEMI
.agkn.com/	1970-01-21 00:51:16	Name: ab Value: 0001%3A7aDi8yO12tSAI1Vr%2BSaYNVp3Ybr4cMCM
.agkn.com/	1970-01-21 00:51:16	Name: u Value: C\|0CEAs36uGLN-rhgAAAAAAAQ13AQCAAQpAAAAAAA
.everesttech.net/	1970-01-21 00:51:16	Name: everest_g_v2 Value: g_surferid~ZUzvBgAChjhiBQAm
.yahoo.com/	1970-01-21 00:51:38	Name: A3 Value: d=AQABBAbvTGUCENIWffUUxhZLkFthjQ9MzVMFEgEBAQFATmVWZQAAAAAA_eMAAA&S=AQAAAoa0mfqw6MAs4oPvSIuenzo
.turn.com/	1970-01-20 20:24:52	Name: uid Value: 7919951959295601580
xiaoko.com/	1970-01-20 16:07:07	Name: tUCGHlzKv Value: Dz%2APBp.%40uN
xiaoko.com/	1970-01-20 16:07:07	Name: aTrFzbJ-tKjG Value: 12pm%2ArZ
xiaoko.com/	1970-01-20 16:07:07	Name: ILKYDJhEa Value: Ffa%2AvolqUpgCO0m
xiaoko.com/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ade.googlesyndication.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
d.agkn.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-c0q7lnsl.c.2mdn.net
region1.analytics.google.com
s.w.org
s0.2mdn.net
static.addtoany.com
static.mailerlite.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xiaoko.com
104.18.36.155
142.250.181.226
142.250.185.194
142.250.186.166
151.101.2.49
172.217.16.194
185.89.211.12
192.0.77.48
2.18.161.51
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
216.58.206.34
2606:4700:10::ac43:2794
2606:4700::6812:c45
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400d:13::6
2a02:fa8:8806:16::1400
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3605:4684:36f0:2036:f07d
2a06:98c1:3120::3
2a06:98c1:3121::3
3.120.100.40
35.186.193.173
35.244.159.8
37.157.6.232
64.233.184.156
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
01eaa2dd259bac7c42033ab6a81d64c5fe9e287ee54fd422a10da24cee0f380a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2
15905ffc1a97afd70225284b0a50eb9971786f0d00a4c93c9adda68d6b71927d
1656d22c737320bd57982119051cd7fce91107aa982ff942a7bdd7107137b2e6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
1bb352ed74627a066db83b132b5de1e4a90dd0c191cb6e527c0189ca2748b76a
1dd403951619d5e02b88509296956bc45c48a64cf29970dd15368e5e8cad4003
20cd247f89c1fc1f053ca44535a76e7917ddc2088c3215b21b86165457248af2
21d2dfb24132e98b78a83ec9975aea8598b2091a78eab5fe66501873f655cec2
234443c5e8844e0a1ff549111e5e0313346b828aa05f6432af1ca750d971a1bb
24236e1ceb72ee64c657dc0f06f944c283e26fdbd21528c121c3ad65f8f7824b
2680714365bc156ea8a983bb383012078202433dc2be5f8282724876158d3152
29104e63e90821f3d1148b38d19af41d995a1d4b0168d251d889f5c03be7abb8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c3e29bf4f4c40c0191d1c06c200c7462e99ed795976c565ec1f951e69315128
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31fa01fc8e93ce50c1dad096b125294f1f079f82d1e1df61520cb20f88eb359b
32784764f8cf49e2f4f732c61febd35fc9e7a513dd65e36b5c05940f15a2879a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
344986466057284b961f47689bbecf59c984084b59eef94bba9db28514627a20
35f60e421c4ae3d5c54767227e2a32fb84955699b47b5e070995683e3a6d037c
39a95abda660ba5b3d0465459168d211ca3fc375430d0ae0b1440b27625a37f8
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3c517e4903a0e010903fed9de82687cf9e382baa4cc9a8f03ed006a12c084df1
3d3d8872ffcb0f4f9bad68c9292caf3333e20e1d87c45e39b00cb922a1b5e889
3df2ea7a7ca36a531bcc856ecbafd10de393ee14d757c134f627fc8e59fdf25b
3e0d5cafed1cd3b92fffcf4bdf7661473212dc0d9ffc20fe21f6ccd4f6b491a8
4104998ed3276277cb74a9d0bd265900e3d65e05d8828d7557559fc308e847da
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41efe18a7b0136a27c221ff5fd45b5ee3f197da89ea9571ca0fe0a4f31e7b9a3
42fa08ef2bddc929d41ef3bce63f5dbcf3ecb2444b5f4ed13e95b4f5ea14e2ac
434909defe5c654cd3ec984a1199cbd4f370f98f02e0fce3f89f9c89661736b0
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4426da9093bb840e2939a3457bb4a33dd3ad043e7de056df67dc583d8362b8d1
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450d57a3d0c3b4a275ca27e4442022105fd7a389a5701a00417766ebbf0ba3f0
46873d879887ad51d476b020f0b7b0f427870c1276ee6498dc10a3d283fa6292
46b6a02ec0a02b1450808dbe4918cd4f12b279d5df33f8f6ab7b51cf6d9bbf42
47417194b984e994b27ccc53747f5b0c92181aaa81082f0dfe7b11fd6a426344
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f183d6af3e88171a4bbae9a2e77f90f55b425b013d057b80eade59f96ae5d0d
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51f5db6196e0e410aa9d6a73cb58f239750b7d7971cc9b6f4d4388567aa3f9e3
52f5e4e8c7ae9dab40551e4772fc8164a144899355133482863576f2ed22f21b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b
59113a3e5447609d21310e8e024f9724c268ab65589d34bcf3b0dd8ad86d51ca
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e5082a5d7520b50ba4668208f4862576ec02c7d7518e083204aa1d766ca8145
60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e23732887cfaf95a6f7b9d7b8ebe3e2e0785d8533127898f2603d29515a41c
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6299f78fd6a0c8b37dced1cf3d180ca38241e03f434d72efe98794764351f8b7
6546d787c969285a5be3c3545875385746b8ecec80ebf9be07e94b1121237004
6671249683f30cbeaf1362a61f8793660a1ea97751cc7f4a614f585fa41b9d91
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6b949a5ef67b2700115435765dbf8fa5abec8e68061771a80cfdb58e382ea4bf
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6ca5b93de28277c9c88099130c51afb0d30de723c657c6a055ff51f9268c1196
718aedcb97d0479f9db6b37f90ee9374815bc129c81c6782db7f09b46fa582f9
722bdbbb3330309de8aab188187725c0ec7ac9ccb4e4a8b8450ba304450717ea
7230f9aed5b09052af2a66cb6b89ae23545c00798b3e8c15d4baf0df6cb8f6b1
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7688bd055ffffedd083a935cf6e0ccb9c53c1cb738a5a70d66902c2d7d8aec0e
7707208a1c71243cb764c0a95bc41ce8b0d2a316d2d01b3b9678b2560cdb06d9
7772a4b61605d37556784814cb18711cfa00cf8f99a57c8c93246d13b89f6f89
77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187
78f06d332813fa4a0ee77cdea2f811c3013baf203f8c3fe52686a1f94a25fd36
7c70541cbc66c4b8c80b32b87187eb525940edac0927383c780c4403b2426b8e
7ccc4eb3e8c138e0ac4c09d09e765d3228f6fdf29b134613b5a2331c47b39aef
7d1c673ab93e90b90035f39e95c2248f683c873b87fbd62fc710fd52beb83800
7f050c86c66e9b11e28247de8549e2367796808ed7171d146d8d3768056ceefa
827ec62dc91e175035048cc9e62abfde1245c380b4016be58c26f8f496264e9c
830b465d179332970ad5bde0a3cb08c3cfe9d0fa591e42a0ea954fc1114b27f8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f03f3be43587f9af0e5a0ab2d1ae2185f4fea5f0ac7223b291194eb2a04935
8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f
8c379a6fefe00951ea7f707d3140ab723a6f06cdb29c87517aac37721d6813b7
8e4776dc3b06bf5f5c35d9f12a5aa29a952d32d182706deeacf3c25906765f9b
9395388ffa7acff061a7b6b8ca84c44344a631e79a9ca1e1d4f5a95f01f2ff80
941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d
989e62e6e4e9b311729ffbd6032741e64511c2d64dfa7f89ee9cae4e28750e45
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd2a627909749bc9a69bc0c6ac291d6a54e345c14d0d567511b895bd7b5f557
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a2c4f4a482be8e23b4756169087f0d2f33a890e03714d551bddd754ba8fd1770
a64e3f383e0e12b22980784cd0dc2008e428165546260d0cc98fc11d9f5909fa
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
a93bed5b8a687005bfe9dd427c2387382b8ed9fafee0c787b60e850b1f59035d
aac95363c54123bfa8ff6313fa682d242deb4f603782764257a2b2f5e52f4407
ab4318b34ba8bf4766cfd93811508a5f82240393443e369a774fdc1580794281
ae46d0e503a3dfd8446d129bfeb58e8b64f7aced05bfc73c9fba2a3c3e7be498
aebc569dd4be8998817ddbd6e5f69dd14c4ffb4d011fabe409b52fb31b11e580
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15044b2aa1c432c24c3fa34152e20013ee17a71ecb75381380faf177d8c99d2
b338467134ebf8408837506f6e18f61a5f25e36519fe11925cac26236e6653ed
b466af9eb2027a78369ddc1f09f19dd1ec095df1d87dc57f7b11a6bc2ab5cffc
b4d38ebe31a12e6c88de4f40af63dd23841c9879f168a8824aa475029ef59dd1
b77f9a36024173b226b89a546c6dea19b6e7f24f2cb64eb328c2a547a0e49c06
b815051cbd9111e463570479d5fa2517f1a7d6c632eda6ee995961d3f983a6f5
b8fd5d13b84d5f3e43e800f3bbc3fe0e362b9f062690ee944c48c5ce7994474b
b9c3a502d0c073dda530cc560fa9f4998de9136ef8a383dda43d184bb5268acb
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb996cf9a6a3bcc18e9f70f4f7cb3e2f827d7539272676e2c08cc8347f9dbe83
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c1efe339eefda2e0d1fc69c5942f9ea2f7703067133ff63633f2412bb30828e5
c4772a6fd4e74e50265fdc83edb3ae8b362609e21c0c847aebf9ada263094d72
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c93a269c74c265916e9b074794dcff2691bc196dcc39d2ab0ae8af71269df569
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cc7641e858f2da1154a4ee1d7d786a4de42d43eb4d862b388cf1346eba11e2ea
ccace50325bedf72cb77bf3c7ce2fa650d1dfe9bed8f7f4f2750a50000171e34
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f8d9203a084855ec3252ed54409199f6610b7352b507d00d5a01b0b94c0c1b
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e1de5f2fb4bcec62477a89e2784007a0eb1daaafa1359fa46a544e9bff0da3b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bec718404d0d9849ef9dd57d6b965a6127ac4b63ecc18aed217637c7aca7a2
e4e0a3a013e5a5ca3a040c9600a14b4236e5afa1344f82507e2112e4889551bd
e5847f348a4a136d00816c7b18e42cd0f67b762057cb00a3e404abf6dc5268c5
e850610f3ac70a4c28326f934fa292bab59838b3ca2075c7c331580c72f99b88
e91f064edbc5c02f9fbc507eec846de4a78216fa34c1f11d228e8758f9f1b367
e9aa360b0b0a58060add955ece0bb0e60e7d671cb81166caccf0a8a35d9213e3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec5999e74cf0503a998e8d7e06fa3c3d0688b7b70307620c91eda6e409fb8e05
ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d
f8f683a9c70dc4f75607ceb4e7b78f421e4c432ef5f576e15ecc336d57759a54
fafce064f0e83f74f54df00067b34b1255b62c9b0856d16057f5339439bbb110
fd976380d85b662813bb7dd4f94a9a78cdec54bfe774cd622918b1654fb4f5e5
fe38ee7e7ae0cd56326a4b846e39702c26b70fb164fa770723b00f5b4ba103ee

xiaoko.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

265 Requests

91 %HTTPS

63 %IPv6

29 Domains

39 Subdomains

34 IPs

7 Countries

4950 kBTransfer

12042 kBSize

28 Cookies

15 Outgoing links

Page URL History

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xiaoko.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

91 %
HTTPS

63 %
IPv6

29
Domains

39
Subdomains

34
IPs

7
Countries

4950 kB
Transfer

12042 kB
Size

28
Cookies

265 HTTP transactions
9 data transactions