4d88.asia Open in urlscan Pro
2606:4700:3035::6815:4bdf Public Scan

URL:
http://4d88.asia/
Submission: On May 03 via api (May 3rd 2023, 11:49:38 am UTC) from US — Scanned from DE

Summary HTTP 106 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 13 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3035::6815:4bdf, located in United States and belongs to CLOUDFLARENET, US. The main domain is 4d88.asia.

This is the only time 4d88.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3035::6815:4bdf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3033::6815:3c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
106	20

7 2606:4700:3035::6815:4bdf (United States)

ASN13335 (CLOUDFLARENET, US)

4d88.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.4d88.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax01.4d88.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::6815:3c7f (United States)

ASN13335 (CLOUDFLARENET, US)

h-io.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	854 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	163 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	155 KB
9	h-io.com h-io.com	124 KB
7	4d88.asia 4d88.asia ajax.4d88.asia ajax01.4d88.asia	20 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	196 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	601 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	249 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	78 KB
106	13

	Domain	Requested by
28	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	4d88.asia pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	h-io.com	4d88.asia h-io.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ajax01.4d88.asia	cdnjs.cloudflare.com
2	encrypted-tbn2.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ajax.4d88.asia	4d88.asia
2	4d88.asia	4d88.asia
1	encrypted-tbn1.gstatic.com
1	encrypted-tbn3.gstatic.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	4d88.asia
1	www.googletagmanager.com	4d88.asia
106	21

This site contains links to these domains. Also see Links.

Domain
i.check4d.today
app.4d88.asia
m.4d88.asia
goo.gl
www.bigsweep.com.my
www.singaporepools.com.sg

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.4d88.asia E1	`2023-03-07` - `2023-06-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://4d88.asia/
Frame ID: 29F3C90C54307DBD175FB9AD3F34729C
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html
Frame ID: CB531BD85EAD86A513CB44CEC45A5BA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&adk=1812271804&adf=3025194257&lmt=1683114568&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2F4d88.asia%2F&ea=0&pra=5&wgl=1&dt=1683114572000&bpp=3&bdt=1413&idt=195&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670572567703&frm=20&pv=2&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: 82397F4B3DB0DA17F2FE4D8EDF5E754A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=90&slotname=6714996718&adk=3833269039&adf=149312762&pi=t.ma~as.6714996718&w=728&lmt=1683114568&format=728x90&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572003&bpp=1&bdt=1416&idt=217&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Y98EH5ZXu4&p=http%3A//4d88.asia&dtd=221
Frame ID: BFD8F2E4421E07C63D51973F3FD3F3A3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225
Frame ID: 8A151F64C9DA41833375E8873CD8DE61
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9182333601&adk=3579973386&adf=660213742&pi=t.ma~as.9182333601&w=300&lmt=1683114568&format=300x250&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572006&bpp=1&bdt=1419&idt=226&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C312x250&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=906&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Oz2MyLrSXx&p=http%3A//4d88.asia&dtd=228
Frame ID: 9A075ABFBBD8AF91121089759A37D39F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A33511C707405CE2B2D00C824F6C05AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11554E01E769D503D936FC945D9818F4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCCB94A43D5380DC8F64128B4F6FBB91
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BE9AB3F199771EFE1BDECA3E8C876164
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: 30EF4EFCC9CE98178D5E2C55417ECE52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: CDB8ED549972A0D1E08EA99B9BD41B11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: 8A3410D5D47ABDBA8C990317E165CB74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1
Frame ID: E4F9202CC9770BE8A94243D60B60A2EC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53723992913876556C3E6925CB5FD997
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: 1494A31EAAA45022287B6A625E8BB213
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: 8C7886534D8E86C03A6B6F7BE4B8D1AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4D88 | Original 4D Results - Magnum 4D, Sports ToTo 4D Jackpot, DaMaCai 1+3D

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

87 %
HTTPS

100 %
IPv6

13
Domains

21
Subdomains

20
IPs

2
Countries

1627 kB
Transfer

3916 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://i.check4d.today/?frm=4d88&id=menu
Title: KHCambodia

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/chat?mode=web
Title: Chat

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/statistic?mode=web
Title: Statistic

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/draw?mode=web
Title: Draw Date

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/location?mode=web
Title: Location

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history?mode=web
Title: Past Results

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/index/analyze?mode=web
Title: 4D Analyzer

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/widget?mode=web
Title: Widget

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/how/to/play
Title: How To Play

Search URL Search Domain Scan URL

URL: http://m.4d88.asia/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/index/print?mode=web
Title: Print

Search URL Search Domain Scan URL

URL: https://goo.gl/Z1ujqr
Title: Facebook

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/about?mode=web
Title: About

Search URL Search Domain Scan URL

URL: http://www.bigsweep.com.my/content/
Title: Malaysia BigSweep

Search URL Search Domain Scan URL

URL: http://www.singaporepools.com.sg/en/product/Pages/sweep_results.aspx
Title: Singapore Sweep

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/push
Title: Free 4D Alert

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/draw
Title: Draw opening now, 03-05-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/how/to/setup_secure_dns_chrome_en
Title: Click here English

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/how/to/setup_secure_dns_chrome_cn
Title: 华语

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/how/to/setup_vpn_iphone_ios
Title: Click here

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-05-02&mode=web#ktm
Title: Tue 02-05-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-05-01&mode=web#ktm
Title: Mon 01-05-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-04-30&mode=web#ktm
Title: (Last) Sun 30-04-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-04-29&mode=web#ktm
Title: (Last) Sat 29-04-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-04-28&mode=web#ktm
Title: (Last) Fri 28-04-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-04-27&mode=web#ktm
Title: (Last) Thu 27-04-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/history/date?d=2023-04-26&mode=web#ktm
Title: (Last) Wed 26-04-2023

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/about/disclaimer?mode=web
Title: DISCLAIMER

Search URL Search Domain Scan URL

URL: http://app.4d88.asia/about/privacy?mode=web
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

106 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
4d88.asia/ 34 KB
10 KB 252ms
200ms Document
text/html 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce74db94f493e014bd1e5ce5d4b349590338bfb25188159a1f8f221eff66b49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c1847f0fd9730cf-FRA
Cache-Control: max_age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 03 May 2023 11:49:30 GMT
Last-Modified: Wed, 03 May 2023 11:49:28 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWT2weloHkwMWhFDrk2q79rUIBMU7rBMmEcHcg05jhb0siOktCPSsooQNw0e6%2BpT%2FrIiFUVoAUHeyl0BGQUQcWTPLXVu31od3Pd0gEG53Y42B6auMszM7xSjGBLV%2F68fIlRvIKP3GJA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK app.js Show response
ajax.4d88.asia/_views/lite/js/ 908 B
1 KB 202ms
47ms Script
application/javascript 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ajax.4d88.asia/_views/lite/js/app.js?v3
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f64d4c059060ec66eec0a979ce45c0b441572a909c528b784ca4eadc2c2d215

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:30 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 170
Cf-Polished: origSize=1319
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Wed, 24 Jun 2020 04:38:06 GMT
Server: cloudflare
ETag: W/"5ef2d8ae-527"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJHsq8k3KDWo7QveU3bT7qKhVTWT1ZqPo7ivcGN37CwYe%2BrZcXBI8Kvz3r85BvJXgp2iE9Ojp8ElOca2odgXjjo3u%2Fyrbk6DZffuaSi5rsjmgWElgswvn%2BFR9jnkAQ1pGsdx8uTxeOk6f95pkA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CF-RAY: 7c1847f33f15161b-DUS

GET
H/1.1 200
OK bootstrap.min.js Show response
h-io.com/_views/lite/bootstrap/js/ 36 KB
10 KB 672ms
188ms Script
application/javascript 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://h-io.com/_views/lite/bootstrap/js/bootstrap.min.js
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 24 Jun 2020 04:39:05 GMT
Server: cloudflare
ETag: W/"5ef2d8e9-8fd0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtfLSCLK4mN16p0VguncXPmF5c%2Fd5XVKERswotvrCRNq%2BoWh%2BV33k8BS0RTHzY1oxt7rxaXALHp6CPnZh7KJuFBxoo2w0ejTPHbmeFsuxGENLg0n2o5J6GBQIKcI1RkapPtroQkF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
CF-RAY: 7c1847f54c0590d4-FRA

GET
H/1.1 200
OK bootstrap.min.css
h-io.com/_views/lite/bootstrap/css/ 120 KB
20 KB 694ms
210ms Stylesheet
text/css 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://h-io.com/_views/lite/bootstrap/css/bootstrap.min.css
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 24 Jun 2020 04:38:51 GMT
Server: cloudflare
ETag: W/"5ef2d8db-1deac"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvvXPGkKPBcWu917SWb1oVXl4GNn1gNFriXXWfwfThzUlRGLB2jOATt0E7knGCFVOPtUoCsC%2BISzREarrfMdtcMWmOWfQud8Fjy5d7fqfzEnOQDIn5VGWl4nPQy0IjOMN0IHF%2BDcmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
CF-RAY: 7c1847f54e9c1c7f-FRA

GET
H/1.1 200
OK dash-loader.gif
h-io.com/_views/lite/img/ 265 B
1 KB 673ms
204ms Image
image/gif 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/dash-loader.gif
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 265
Last-Modified: Wed, 24 Jun 2020 04:37:48 GMT
Server: cloudflare
ETag: "5ef2d89c-109"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRDQWRbpPe3RHuultp8asTMXTgXkX4DTf%2BN4oKOoHTtSDKr1Z40gmH%2BFaucw9lJBX7%2B6oexQJm3vUPYH45AIiGbwlpebzFpJCwHpgcccGFfHuZWEO4A3CaOSbTW5GxMvXlcAdeRYkA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f54a689104-FRA

GET
H/1.1 200
OK 4d88.png
h-io.com/_views/lite/img/ 3 KB
4 KB 520ms
43ms Image
image/png 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/4d88.png
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac8a8d3fe7049b1534d2bff137f4d3b08c811def9fe5ffbd5ffdefed94fd1ac2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 437
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3379
Last-Modified: Wed, 24 Jun 2020 04:37:37 GMT
Server: cloudflare
ETag: "5ef2d891-d33"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=reV%2BIPdrhzbEXMhQASBtsr4uF6Kjxh4boLDzEugKQG8kOOj29Z3UOiULPq%2Bu437oQmHMOr53hATtvu46eQX1Mi4hovg7AOCbMzBpZH8T0JQN2tcMcYc8RihnKnzIStTatp7yMlKUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f55f9c0c75-AMS

GET
H/1.1 200
OK rocket-loader.min.js Show response
4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/

Protocol

HTTP/1.1

Server

2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Apr 2023 11:29:10 GMT
Server: cloudflare
ETag: W/"6447b986-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBLgLaUga9IElaU5i3RFnED7tc9BQCsOr55zaQOVAGlrr2%2FOL3RZ2m1hJe2jgyy9FWBeS391bElZrYBNZccz%2B2CgIM%2F2tIFxdF7hZhjgDv9iBmcnvdyM%2BwY4BI8G6YjKAadXKAjlcSo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7c1847f25f0e30cf-FRA
Expires: Fri, 05 May 2023 11:49:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 98ms
44ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DWLGYX9EGM

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eddc51294200539f639b8ef42eac0d11b12bea5ef1672034af8ec7da7af627ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 11:49:31 GMT

GET
H/1.1 200
OK livechk3.js Show response
ajax.4d88.asia/_views/lite/js/ 3 KB
2 KB 40ms
39ms Script
application/javascript 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ajax.4d88.asia/_views/lite/js/livechk3.js?v=1.24
Requested by: Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50372537ef89799b68624931d8ca847de7019a293550e701b2a9a5376a208cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 171
Cf-Polished: origSize=5112
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Sat, 15 Apr 2023 13:16:49 GMT
Server: cloudflare
ETag: W/"643aa3c1-13f8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VJnMWtgH9B%2FT3VtHGHE5rj%2FdNaEqdMX5zyDHB3WUulCOfbEIJ2atSod6xfDLw0DsD17IqMJ818b8BkKyA8r3nrkv8SyuaT5l9U%2B5sLjI45NA370fp9VnKmoEVm%2B8HYMorL%2BPt1NXt4mQfm%2BeA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
CF-RAY: 7c1847f6ac24161b-DUS

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
49 KB 96ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

494b13bfc9ceb6ecf6d533f3b484b1d8ee346db73d6a15352cfafef5a8eb46e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 49987
X-XSS-Protection: 0
Server: cafe
ETag: 16512964483731734884
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 03 May 2023 11:49:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
47 KB 135ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6503871500211987

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56033320c2627c1cf8dd171d623c2bc56233939f82d6ccddcccaf009709dc56a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Origin: http://4d88.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47495
x-xss-protection: 0
server: cafe
etag: 4722890072078460838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
46 KB 131ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea97c1f2395711b1007b7d5280bcc7700c608691584de6095a3399c29b34857a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47103
x-xss-protection: 0
server: cafe
etag: 8895221225959459368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:31 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 95 KB
30 KB 80ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 457315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrXcHFGu6f3mPHU7Wq83JWWF82anQYaGKpnTw5WG9jOVlGG7jNa%2FRaQv3LaeG%2Fv4oRS6%2F%2BV7QHnsjDkyQ9uGqGwRUQ8WJTYYHjHvTdEPwyx1X5J3hOF2UgBSeffocbly36xXs%2B9qEZwed4uMMLE9iOgy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c1847f6fd5191ef-FRA
expires: Mon, 22 Apr 2024 11:49:31 GMT

GET
H/1.1 200
OK bg.png
h-io.com/_views/lite/img/ 60 KB
61 KB 208ms
208ms Image
image/png 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/bg.png
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29c2cbc0e57c4327c1ff0b6e81ee341f9ee6007723e73a765cedce91022f6d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 61898
Last-Modified: Wed, 24 Jun 2020 04:37:46 GMT
Server: cloudflare
ETag: "5ef2d89a-f1ca"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWsHSRDVUCVLXnglKpXwFvwR4ZbiSjNV2Vi1wmSj2VEQo3MrBluW9%2BR7hzQ3tTLlSZXIXNryGdrK9XZRaPggAlLtn2poLqxKk%2FG3hutYkpMYmWYLUtz%2F6wE6RcaFSpY8I%2FKGV3Hxvw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f69fd71c7f-FRA

GET
H/1.1 200
OK bar1.png
h-io.com/_views/lite/img/ 2 KB
3 KB 683ms
683ms Image
image/png 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/bar1.png
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b011d187544f9915fba10ad655b77ea2cabb07fb63fa3f2eca576110e4279f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2295
Last-Modified: Wed, 24 Jun 2020 04:37:38 GMT
Server: cloudflare
ETag: "5ef2d892-8f7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FXdvc%2BPbVlXivF7verco3sAl0gYEQgUSS99nqB5JzSE2tmSWFvhGIWq2b4qu0l7nDEGimiC7eIaLz66AektAKgzYUC1O%2BkQ3yif5068iHMeciuYAxeX1u0Yql%2FiaWBFtW6yuK74sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f6ab409104-FRA

GET
H/1.1 200
OK bar3.png
h-io.com/_views/lite/img/ 2 KB
2 KB 198ms
198ms Image
image/png 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/bar3.png
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 056c97c7968397ce37f8a8e2ac6b3c154e2b68b1d2dce9f1a89115607fa610f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1611
Last-Modified: Wed, 24 Jun 2020 04:37:41 GMT
Server: cloudflare
ETag: "5ef2d895-64b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQ09pkco7tqyJ2iL3IdW8yJbmAn4sgXyH%2FljGEKxdx2GjBUT7hVJp3IXQsVKiQLqjTFv3kOUo2wxJ%2Bs%2FMiBZ1cxMNZ%2BuRlzZQ6vihAyWdjkqRQYQ5BCFPju60Vwz4hle8bzhVxDBjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f6ad3390d4-FRA

GET
H/1.1 200
OK bar2.png
h-io.com/_views/lite/img/ 3 KB
4 KB 39ms
39ms Image
image/png 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-io.com/_views/lite/img/bar2.png
Requested by: Host: 4d88.asia
URL: http://4d88.asia/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8bf180a14c71468cf9c447c2086ef36c445a74268d8363bc4c4713b2ed11801

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 437
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3391
Last-Modified: Wed, 24 Jun 2020 04:37:40 GMT
Server: cloudflare
ETag: "5ef2d894-d3f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcAgI04FGvw8x1I0SvyiZ6hXx1k9iHfGtE5LG5NYh%2FXlTIWKpqCaFeQn4m%2FwiW7Udh7%2BJtkNJ%2BeZKngpYK%2BlRp4FDwN8hgE%2BOlgGld79LhPZFvUznJ5LbRV0Nt0QIqMYm7Dh8CgHUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f6a8d00c75-AMS

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
h-io.com/_views/lite/bootstrap/fonts/ 18 KB
18 KB 252ms
230ms Font
application/octet-stream 2606:4700:3033::6815:3c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://h-io.com/_views/lite/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: h-io.com
URL: http://h-io.com/_views/lite/bootstrap/css/bootstrap.min.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:3c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: http://h-io.com/_views/lite/bootstrap/css/bootstrap.min.css
Origin: http://4d88.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 11:49:31 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 18028
Last-Modified: Wed, 24 Jun 2020 04:39:00 GMT
Server: cloudflare
ETag: "5ef2d8e4-466c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9prwjMrhVVv33Pl4LlEK9tGVhAXSrORtfYlzq5m%2FDUZ60jMg7WwhkIlxCujLcTgF2zDQEN%2BRhuoEAwc3G4WC31AEP%2BFLJZHuSr1ydNKVxsBK43CHw3ttIc7VaHWm5%2BQkKKFHzabcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=1382400
Accept-Ranges: bytes
CF-RAY: 7c1847f6c9d930f6-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
47 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6503871500211987

Requested by

Host: 4d88.asia
URL: http://4d88.asia/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

635ef5e659af84836764880e52b47a36880763892ba79c33c5d167793f2bd340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Origin: http://4d88.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47492
x-xss-protection: 0
server: cafe
etag: 3303951485332475563
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ 354 KB
119 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503871500211987&plah=4d88.asia&bust=31074266

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a633bb18a796d87224e05b28166fd25938db5be40eb381c1fdbf0210c62d4169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122103
x-xss-protection: 0
server: cafe
etag: 6062986019623497499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/ Frame CB53 10 KB
5 KB 80ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 17:55:37 GMT
etag: 15057649708203361565
expires: Tue, 16 May 2023 17:55:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DWLGYX9EGM&gtm=45je3510&_p=783075222&cid=1800719378.1683114572&ul=en-us&sr=1600x1200&_s=1&sid=1683114572&sct=1&seg=0&dl=http%3A%2F%2F4d88.asia%2F&dt=4D88%20%7C%20Original%204D%20Results%20-%20Magnum%204D%2C%20Sports%20ToTo%204D%20Jackpot%2C%20DaMaCai%201%2B3D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWLGYX9EGM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 11:49:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://4d88.asia
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B.j Show response
ajax01.4d88.asia/ajax/ 452 B
762 B 309ms
226ms XHR
application/octet-stream 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajax01.4d88.asia/ajax/B.j?r=2023431149
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 386cd90a8e5e21162d51604dbc7b7885ebae91f38515ff1689dab66743a014ec

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://4d88.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 May 2023 11:35:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6452470b-1c4"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91cr6oDPikc2HZX9KcD5SGZky5KlHR09MsHgSgCqoLfY1zlGeUtaauc0tej5aImhbzvsspdr0EXdPaLhsB63yORo59sNNVTSnAwysSwInH37o06ihUOM5dGFy5hmWBktazi95TRIGKtFzhGsnJSx"}],"group":"cf-nel","max_age":604800}
cache-control: max_age=15
accept-ranges: bytes
cf-ray: 7c1847fc3ab97284-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 452

GET
H2 200 D.j Show response
ajax01.4d88.asia/ajax/ 437 B
757 B 315ms
232ms XHR
application/octet-stream 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajax01.4d88.asia/ajax/D.j?r=2023431149
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b37ae634c4a792e97e33d7842a3fb2b4eefaec054f7c8b7b937dd04f6cdbcc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://4d88.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 May 2023 11:31:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "645245f6-1b5"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWt315tDBJyuujogbgtycogXqC5coiEWRclT2%2F3bNqnNLrOzeq12uCaV1TPLDEw2ng3i1rHuUADP9DOZJaVFlkCzTGA4qK0InER0IE20vxyXy4ypuWDduquZL%2FvMCl2uFiRcp09CuxlC7tf%2BiHvi"}],"group":"cf-nel","max_age":604800}
cache-control: max_age=15
accept-ranges: bytes
cf-ray: 7c1847fc3abb7284-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 437

GET
H2 200 C.j Show response
ajax01.4d88.asia/ajax/ 452 B
991 B 302ms
219ms XHR
application/octet-stream 2606:4700:3035::6815:4bdf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ajax01.4d88.asia/ajax/C.j?r=2023431149
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4bdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77ea247c5c09ad069bada654d90444cc45d8666e891696c0079661e1638bd8b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://4d88.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 May 2023 11:32:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64524653-1c4"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6I7dNGG4deJDoDKKeGAR5Knt090b08B6F3df6hdTWAdIaTKbT1s1YcXIjfrfDJN9n1p2YieYgitqayKvC%2FNCn7Dyr2wiUISvGdTSWfjex9Iq3UFv%2BmoCAlEycZmA%2FCuUJGKTqvchvoYUL55UNQz"}],"group":"cf-nel","max_age":604800}
cache-control: max_age=15
accept-ranges: bytes
cf-ray: 7c1847fc3abe7284-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 452

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://4d88.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 90ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=4d88.asia&callback=_gfp_s_&client=ca-pub-6503871500211987

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503871500211987&plah=4d88.asia&bust=31074266

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54afab37599218c2b852a03062d04ebdab4e5cb82122e174b25bcef98f007676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 89ms
35ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4d88.asia

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 87ms
33ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4d88.asia

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8239 294 KB
58 KB 875ms
874ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&adk=1812271804&adf=3025194257&lmt=1683114568&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2F4d88.asia%2F&ea=0&pra=5&wgl=1&dt=1683114572000&bpp=3&bdt=1413&idt=195&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5670572567703&frm=20&pv=2&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e0f282faa08f11279bb13888ffe76a265883ab4fc76386325ffd0e321e47d9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 59605
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:33 GMT
expires: Wed, 03 May 2023 11:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 76ms
75ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230501&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d61b3002ca7b05955acdf6b03f3af5a69ce39560c520b2272e4833d75b0d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11138
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFD8 73 KB
30 KB 650ms
650ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=90&slotname=6714996718&adk=3833269039&adf=149312762&pi=t.ma~as.6714996718&w=728&lmt=1683114568&format=728x90&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572003&bpp=1&bdt=1416&idt=217&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Y98EH5ZXu4&p=http%3A//4d88.asia&dtd=221

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ddac838a6110438d36440194036c2fe51e1c9cc03c172ba5cd08d91c650bbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30232
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:32 GMT
expires: Wed, 03 May 2023 11:49:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A15 77 KB
30 KB 629ms
629ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0af0ebb42f7cf7169f4a61ff2705d43ab19ea5472b6a266d49a3d88e1a99548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:32 GMT
expires: Wed, 03 May 2023 11:49:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A07 84 KB
31 KB 547ms
546ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9182333601&adk=3579973386&adf=660213742&pi=t.ma~as.9182333601&w=300&lmt=1683114568&format=300x250&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572006&bpp=1&bdt=1419&idt=226&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C312x250&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=906&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Oz2MyLrSXx&p=http%3A//4d88.asia&dtd=228

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4f7e4ad7830197f17e8be633b19315eab373880e345bedb71b7adb3d4b9b103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:32 GMT
expires: Wed, 03 May 2023 11:49:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 140ms
34ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A335 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 07:37:17 GMT
expires: Thu, 02 May 2024 07:37:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1155 783 B
1 KB 81ms
30ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5b44313b88d5ab7419f97930393d31a646b524c1563cff394cc1f76920a6f3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9xNsw3DrcdzlPqiMp8BRZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9xNsw3DrcdzlPqiMp8BRZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:32 GMT
expires: Wed, 03 May 2023 11:49:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame A335 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1155 0
0 55ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230501&jk=1749122790418821&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A335 0
10 B 23ms
22ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TNFINA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9A07 6 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9182333601&adk=3579973386&adf=660213742&pi=t.ma~as.9182333601&w=300&lmt=1683114568&format=300x250&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572006&bpp=1&bdt=1419&idt=226&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C312x250&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=906&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Oz2MyLrSXx&p=http%3A//4d88.asia&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 11:27:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 9A07 2 KB
765 B 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:36:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9A07 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C01szTEpSZPzTEK2z1fAPldGcqAP5pKeecKK-i53GEcmSkI77CBABIO_4qAZglQKgAe3EvYwpyAEJqQKNWIRKBfW0PqgDAcgDywSqBPABT9B8hB4vW4F_juOe-3-fdm0lkRpag3Xs1zvyYq9xFFrlz6S2cYsnxWW9g1WbADHSAuSXEksxoMUqZiDymtUMzF4UPG_hnyCtnLOTPcULL8hLVVtSS-iPdRKTUnbvTrB3u7qwUSlrpyyanabbk0dq92r9MK5yXaGFQOBbNRp21xsXacQgCyEeB0V_zHWemGsfaj6b6yFtjxIM4ZSPvy9aKZsjE9kXggFLuf4QSd54Io0L0-OBA6L7VVWT-hSKw9S87ZJMt3qXbpGteA20tvaIqX5fI7TMYZq2Zuh6dqyHW2p0nrmfYQpx3dsMZGXSQongwATQ9KW8pwSSBQQIBBgBkgUECAUYBKAGLoAH7fyN7AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCHgQPSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsBuBPkA9gTAogUCtAVAYAXAbIXHAoaCAASFHB1Yi02NTAzODcxNTAwMjExOTg3GAA&sigh=0NDa1HnL4l8&uach_m=[UACH]&cid=CAQSGwBygQiDGTty_oo0foB7FzYxy4s0wiibTnYl7BgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9182333601&adk=3579973386&adf=660213742&pi=t.ma~as.9182333601&w=300&lmt=1683114568&format=300x250&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572006&bpp=1&bdt=1419&idt=226&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C312x250&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=906&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=Oz2MyLrSXx&p=http%3A//4d88.asia&dtd=228
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 11:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 9A07 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:35:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 9A07 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 9A07 19 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:34:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A07 160 KB
49 KB 91ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 9A07 32 KB
14 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/12270916285365456008/ Frame 9A07 52 KB
52 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12270916285365456008/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36b8512fa753f91f57f86ec1a9665b5f2f4e43bc4dc52fb04400084cc47d5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:42:23 GMT
x-content-type-options: nosniff
age: 320829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53406
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 12:08:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 18:42:23 GMT

GET
DATA 200
OK truncated
/ Frame 9A07 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbbf15c370f451578555d106e1505fb1a42fff967cb0d59567f2576cd1a2d1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 493004591896487619
tpc.googlesyndication.com/simgad/ Frame 8A15 41 KB
41 KB 24ms
23ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/493004591896487619?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnG39Ie7I6pfOIxicCpA0D4-p2RDw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de0211781c442cb198af1b2eb2e0df4baa16a724b893585a5fbda46f2288c6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 04:00:32 GMT
x-content-type-options: nosniff
age: 114540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42012
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 09:54:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 May 2024 04:00:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 8A15 22 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:35:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 8A15 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 8A15 19 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:34:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A15 160 KB
49 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 8A15 32 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb62fff5455c97f66ddb233cfba61136f51bf98e4fbd9ec7c203a62ab1012417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13019
x-xss-protection: 0
server: cafe
etag: 8496199140094913793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 18:13:43 GMT

GET
DATA 200
OK truncated
/ Frame 9A07 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395750b11e66f47716e9fb08b530a288984b81451a235c5cd32f09ee9521fd86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A15 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXNIHTEpSZMqZE6KChQa9gZ6YD93wn4ZvsM-o3LAR29keEAEg7_ioBmCVAqABnbqyowPIAQKpAo1YhEoF9bQ-qAMByAPJBKoE3gFP0L6dt1slKuP7Shdu-fotsVYsTywAY5xcmTTaUST2hxYC70mo_nrnsPOFYBaSAHhQ5qfpbn9OpgYchV61M8G_HNfQTV0V0Ur5o3ugX3jZ1YIKpzURsarkezRkQ1odTG8ASf0leGnz3L0ieRwx9X_lTlspEKEOYpqXCWj6e9jHH8L19GP4flErG3f4JEEJaL_5KXYF8977eWXRZ5X6EkXprsm6Eep-InTIk4C8CH9QijHvBa-mvxCLY-adj5fZ5KSXG2_jKnF2QUdGUGN_uQAgTFHYZuURKtbu_XojFQ3ABOq8qtSmBJIFBAgEGAGSBQQIBRgEoAYCgAfJluyGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPLaBNIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNjUwMzg3MTUwMDIxMTk4NxgA&sigh=i_YpNrTf8LE&uach_m=[UACH]&cid=CAQSGwBygQiDxFUZy5kS-IJCPuggP5cUGdJOfyrpcxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 11:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 18005100732218467201
tpc.googlesyndication.com/simgad/ Frame BFD8 146 KB
146 KB 25ms
24ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18005100732218467201

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=90&slotname=6714996718&adk=3833269039&adf=149312762&pi=t.ma~as.6714996718&w=728&lmt=1683114568&format=728x90&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572003&bpp=1&bdt=1416&idt=217&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Y98EH5ZXu4&p=http%3A//4d88.asia&dtd=221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81e841344f5e3649ad8b740a7c79247df42228a0de0dc2fdfc8702de255c0842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:58:42 GMT
x-content-type-options: nosniff
age: 6650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149152
x-xss-protection: 0
last-modified: Wed, 03 May 2023 07:48:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 May 2024 09:58:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame BFD8 22 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:35:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame BFD8 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame BFD8 19 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:34:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFD8 160 KB
49 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:32 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame BFD8 32 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb62fff5455c97f66ddb233cfba61136f51bf98e4fbd9ec7c203a62ab1012417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 18:13:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13019
x-xss-protection: 0
server: cafe
etag: 8496199140094913793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 18:13:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BFD8 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvAAATEpSZIL2EsKZhAaGv4F4ku3rsHCenbKDlxHAjbcBEAEg7_ioBmCVAqABybmn4APIAQOpArhJv7UzZ7I-qAMByAPJBKoE2wFP0EAYfKQq0wNsXmPW02BL-iA_nqAIp3UB9KFKMhtzjs-P4OqDfasnhZMk1j8QOLBaAkEYA_nYdAK-GQCmjLTJS9iGbBIs8pdzpaThqqG9nj-KgPYKp6rXsoZHVjdPRtEW43zmgNIS4yDs1a5wmhll2K6FN4CxkX3mR_ZQh8-Oj2BH2fJFQL-1Df9LWtqZXMRAnH8xrd-mAfSrqxgCSi5UZm_nB41lYVc2NKISYYcj54NZ3MS2rvMU7UfmxCpgknpjusIoWruhGmIkicE2Vlr9ilq_wrXFk2YIumbABLTug569BKAGA4AHn8bYH6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL_MD9IIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNjUwMzg3MTUwMDIxMTk4NxgA&sigh=2FTpRlz7ByM&uach_m=[UACH]&cid=CAQSGwBygQiDf87YRkyy0f-xO1J12W0t-2LgJpXniBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=90&slotname=6714996718&adk=3833269039&adf=149312762&pi=t.ma~as.6714996718&w=728&lmt=1683114568&format=728x90&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572003&bpp=1&bdt=1416&idt=217&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Y98EH5ZXu4&p=http%3A//4d88.asia&dtd=221
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 11:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCCB 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8A15 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55990508f826f39d0e48ff6cea28aa1d33caaa1226ff4af1178d0ec3ef75ed99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE9A 143 B
166 B 27ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=90&slotname=6714996718&adk=3833269039&adf=149312762&pi=t.ma~as.6714996718&w=728&lmt=1683114568&format=728x90&url=http%3A%2F%2F4d88.asia%2F&wgl=1&dt=1683114572003&bpp=1&bdt=1416&idt=217&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Y98EH5ZXu4&p=http%3A//4d88.asia&dtd=221
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BFD8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9811fee02a5b0cb1b91774f7de2cd513485ccbe364fd270c3741de94514b85b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9A07 15 KB
16 KB 76ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 365958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:10:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9A07 15 KB
16 KB 80ms
29ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 365209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 06:22:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9A07 15 KB
15 KB 96ms
47ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 390921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 23:14:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCCB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

38ms
37ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:33 GMT
expires: Wed, 03 May 2023 11:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BE9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:33 GMT
expires: Wed, 03 May 2023 11:49:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 11:49:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame 30EF 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/ 151 KB
51 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/reactive_library_fy2021.js?bust=31074266

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb31dd9cad0c6d1da43ea5125cac0077cd94cc76ed4c7c08745102db403a3a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52330
x-xss-protection: 0
server: cafe
etag: 14223112190416935826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:33 GMT

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame CDB8 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503871500211987&output=html&h=250&slotname=9663098689&adk=3624095374&adf=2605499262&pi=t.ma~as.9663098689&w=312&fwrn=4&fwrnh=100&lmt=1683114568&rafmt=1&format=312x250&url=http%3A%2F%2F4d88.asia%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1683114572004&bpp=2&bdt=1417&idt=222&shv=r20230501&mjsv=m202305010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5670572567703&frm=20&pv=1&ga_vid=1800719378.1683114572&ga_sid=1683114572&ga_hid=783075222&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=305&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44773809%2C44759842%2C31073968%2C31073974%2C31074266%2C44788442%2C44789761%2C44790154&oid=2&pvsid=1749122790418821&tmod=722506130&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoEe%7Cp&abl=XS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3B9QTJphds&p=http%3A//4d88.asia&dtd=225

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230501&jk=1749122790418821&bg=!jo2ljdnNAAYcDqajPA47ADkAdvg8Wv78ksea7QJi00gPZDvKTq9PRQKIFI83YyYF8r5V7a1tknawRDSPZEqnD-aDRdX50G6BGq8CAAAAVlIAAAACaAEHmQLIJ7bycaf9Glk8z9vwbGQmC2eexPIu7MhrDJSzcu88roKWOtuTOBplQMTjBBbxNLeGl73mQBY5tgNpKwkFgd1GmoOD1qBPiRcikhv43qfOywPhYESE96Fw2k25S5Rr7IqQ1QCED5_eebop55PBBwrWTfRPtUlOmXDMIiQWH7J9vQLqEna7DCtj4LZmy4BDONoU_38aN_ceaaC4OvnuaQdSxmYspMzDCYNUpoKvj0mVnxw3ySHfSNIVeL1t5LGNBXnwj0EkSu1ZnpiWuhF179sKmqHrsQVhIUJklB6m54gCnpHkuHTG2bS53l2-jBPCDtv3uha3J8vNqJav0KBvw3Au61aY0bhDkCQHMDhYxgbSCekuxlBIw1xtW4GiEpG26GaNmRTMKkDAvwdMV8qw3FMt0txv91SVmZFv_RCAkesTLLKK28kSyzn-w-FTFNrumxZOnOU4XQrGp2ogpkhc1hDT9_f0lvb3Dz95Hw_ZayPw82Aq9JVUYXo4MYjDRmj1wMR8ub8jblCkW2-A28Cstu4GLtQdyI0YHak8IJEdTyB9yVezHixWbrwbJ_NFXhg9cPpBTa9RJ2ElIpPG_f6lR-N9dklHNn8RrvzbPaPYd6gApR1-WDm7zWh9D0VNen1mpXaWAVfSUlnn71_6-W9lwKBec11HjanxdmHQfIp17FZNbNGEomNR2tfNsZuqO6n0P32sTAmySDBOLJ8cAE0A4QbSfH8kIgtQ5VDlMRNzn7mhPh-pOt9ZH6-SGTCuQk1qYq6IbaWWdHBmCRXqObly1Zf7Vb83yugNZq1uBrRkfe5TYTfeQUMTK2aH5sHgIt75lwUqtusNNzcw4KA-34xVO4M4k1nqydALozbwDvIeyk2Vr306u41nexV8R5RPIh-9xZMW4wwPfauDsBDk0c_6AnhERMegJq3UCzB_AQX9iMvbt-83Ojd3Ss3vhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A34 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503871500211987&plah=4d88.asia&bust=31074266
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://4d88.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 34ms
33ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4d88.asia

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 33ms
32ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4d88.asia

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://4d88.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/ Frame E4F9 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 17:56:08 GMT
etag: 15057649708203361565
expires: Tue, 16 May 2023 17:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/ Frame 5372 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://4d88.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 17:56:08 GMT
etag: 15057649708203361565
expires: Tue, 16 May 2023 17:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E4F9 2 KB
765 B 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:36:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame E4F9 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:35:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E4F9 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame E4F9 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:34:21 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame E4F9 32 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5372 6 KB
791 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 May 2023 11:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 May 2023 10:13:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 May 2023 11:49:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 5372 2 KB
765 B 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:36:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 5372 22 KB
9 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8743
x-xss-protection: 0
server: cafe
etag: 14489809188666054284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:35:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 5372 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 May 2023 07:37:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 5372 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
x-xss-protection: 0
server: cafe
etag: 10936619172403307163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:34:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5372 160 KB
49 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 11:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 11:49:33 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 5372 32 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E4F9 18 KB
19 KB 85ms
23ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtlBhZ6YYkn78grKZH50dpbHQ-7xrbi1JRGbvU6XZMLkNOLsTy4Ej4NfrHyw&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3096d3e8634b031fdb2576f8a437a532231ca891bdd63504249a1d5134b803b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 05:01:54 GMT
x-content-type-options: nosniff
age: 283659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18824
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 05:12:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 29 Apr 2024 05:01:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E4F9 16 KB
16 KB 92ms
31ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTsFj3NDW4_YIQAc39E2q1r7Xl-T1rNyLBLnCo3KEiutM3H1oVxbyH4aTW9F4A&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

760476baa26a6287391671ac5812353f611c9eaca89195160f415080befb79b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 04:09:25 GMT
x-content-type-options: nosniff
age: 459608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16578
x-xss-protection: 0
last-modified: Wed, 18 May 2022 05:58:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 27 Apr 2024 04:09:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E4F9 20 KB
21 KB 78ms
23ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTSOSZSi4hgw88Jx0RLFeJq0l4bKxZy2autCvjBswoMSp-HytUvbhHmgs_DjA&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

665ab47d961e9b003260778dcc1a77412e27f10e92e874ee2d53c7532042afe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:41:08 GMT
x-content-type-options: nosniff
age: 587305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20567
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 03:20:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 25 Apr 2024 16:41:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E4F9 11 KB
12 KB 91ms
22ms Image
image/png 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ2-EfG9UhUa4wYjbIlNtFdRDlxH5kKjlI1YFJbHB7URhnJmXsK&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afeebd479c5daf7da6ccc3ef89255096e356c781b50b175736bdefb8c157ba5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 17:50:55 GMT
x-content-type-options: nosniff
age: 323918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11541
x-xss-protection: 0
last-modified: Tue, 25 Jun 2019 10:33:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 Apr 2024 17:50:55 GMT

GET
DATA 200
OK truncated
/ Frame E4F9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dcdbe7c6cf0e3e305358b39a4d0cdf4c6dd0491c8995c9903cdcc8ba83bcefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame 1494 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4F9 0
20 B 58ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=62&version=r20230501&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 11:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E4F9 0
19 B 70ms
69ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXtGfTEpSZOC0D6ye1fAPkLGumAK54tOxcPaD48n6EM2VhbP8OBABIO_4qAZglQKgAZGaodMDyAEJqQK4Sb-1M2eyPqgDAcgDywSqBNwBT9Dh7j5NvxdMTJKAPLJ2JKL2eiLf2kjqhzmn1cTFvtSJ8z_AB8B68mwYuNMbavzd13gTSNAhmehwkCBR0SSanGS7_eCaqQyQnZkW8RIMpBqBcmFHez6ir-H3hx_Q31kHorAEq93UeWKvKrmk3NlnlHIVegCOXkQ_vq7Ftkdfz0uGQizaDQr6XwvFAmnTBvvhf1LAJ0SZa9Psg_EmtFIhYyLDqtrWJ6TBMO_KBfNwiyRpaDtj2gU2QGR5yEXAUBTc1Z-sMEoFNpHkT3U7L_oAKEkZAAPPSsIf_oofscAE39aelJ0EkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-m-oyuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ2JMJ0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOoAKAcgLAZgMuYSXy_IDwhMGGJGaodMD2BMO0BUBgBcBshccChoIABIUcHViLTY1MDM4NzE1MDAyMTE5ODcYAA&sigh=1gp_gT08MO0&uach_m=[UACH]&cid=CAQSGwBygQiDHQXfs6ZxXwhUDkkd4eoek9a6RDQPDhgB&template_id=494&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 11:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/11169174573220484905/ Frame 5372 29 KB
29 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11169174573220484905/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91716e5989e757358a4b5a42bdccfea7a512b118ba34f04440b894a2012d9a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 02:09:35 GMT
x-content-type-options: nosniff
age: 293998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29342
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 11:58:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 02:09:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1100511184230494990/ Frame 5372 2 KB
2 KB 25ms
24ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1100511184230494990/14763004658117789537?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11a67b9892320ae6df48efb80939c455785585ab8c0fa33bc37863c4e6a24dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:35:17 GMT
x-content-type-options: nosniff
age: 332056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2216
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 08:28:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 15:35:17 GMT

GET
DATA 200
OK truncated
/ Frame 5372 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5372 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11290427052527d264785822200481546a0394546830a5e9d77b840afc249f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C78 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js

Requested by

Host: 4d88.asia
URL: http://4d88.asia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 07:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 May 2024 07:37:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5372 0
19 B 68ms
68ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8Gp7TEpSZOG0D6ye1fAPkLGumAL9upzrb-yq0qjQEJWptMPaNhABIO_4qAZglQKgAbr9iL8CyAEJqQK4Sb-1M2eyPqgDAcgDywSqBOEBT9AYDJ3i0c-MrB5aJtjCDiQSSVyRd7CUTraUmLERp9ekH3Ks8HzF1dlAbmJP0S7cn2yQ1f-4ngoug79806qy6mhIiSrxFhEcL1bXVvBJj7sD2H7orx59pvCdL0KnMwziFCqRw8cKHLTnbEC-Ho3ZQcs05sWpfyPhfevvnq7TjUpjfL8NM8-eEHtGKPHj0XeYFCSdfsOaSdW95-JuFuM2MjbRyyud-fB24SseR-Kl2iY655wBQHnMFGJogtcMIq5HsXAv5PooUWi22uq6c3RtGTzdrUGOrReaplap7D4CiqQcwASG58qkowSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHjuTRwAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC__AfSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi02NTAzODcxNTAwMjExOTg3GAA&sigh=aWzLQhuINug&uach_m=[UACH]&cid=CAQSGwBygQiDHQXfs6ZxXwhUDkkd4eoek9a6RDQPDhgB&template_id=484&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 May 2023 11:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BFD8 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6TcvHkYNBvI2wwnRGihytciokGkWv8cnwApRpXHecu4g9DFCw7F6HuO1lrHA_S4gTt9ILP4hUIFFtuanUelmKP4CE3RI9sPvaV5H90TgUvu28snrvUq-LQtkV7EBG2BwD271-49Z6UGCeLYKhb2NmmWybFS2kY_vVzSwGIJWirlBY4wOGrd_Q9xJX_3nytsbNMNGprcAukD6p_2id2etUyXVku8QzbHBFh54sAT8o_xr5SH8qTzlCrRVrEgaZp3IJSMxyfGM7FjbwDQpEbpkudRYbJMMqGFWVzdnaAiSIZbnqbmm9kSNBaJJzqF7-utnBp-HMRb5d8hl63jCHaCecURcqhlyPaHmJs9Fu71WkGUf_P_jzJVdBJABYdOjdWYvfOdoDcn4uBfBvNTeO166-lm2Dvsvq_7C1OHigqLM140C9q2Cx4uwqHqf7iO-mrQhCSilDKS6tx1SUN-H1_IGU8ZioCXbCi-lYbVgqv7SofFUSOGNBeQwvr20BqJEyY4RvIBf0LFwctRQ1aPohslZ5WVTbsuSGD_8sQ0f9N9tkTjPnpvtSDOB0oLXX0GsVozE3pN_fdaxNORQ3WgMXC3g6DP2WP35ehulpxKd0HJbfmR8KJ5UmXnJiMbWo7xiXWIydlnv548lkjv77iEttveUw0XewaZ_3AIFrHwBSRdMsTypx4wCuexDq46S-aw9tHkIgb4Hab-VSBMdWmdp-coueuiMGtdxtlVc5vfxOYDz1-Shh2ZhwqK7MzZCkMFF3YnYSmM1vTQhamzCOP-aVb8p-bmXygBw3vEmJcH4XyJg0FnaQn9exiuYYldVAp4Y8dS-COJUnWq7MgvYb0R1gUPoSQhDrA7e5GhSF58mNEKXQ5JwD6oKr5vLrbKVfq0juC8COWm60tZwvXAKqHZ7VwqZPEStWSGLkydC9UZ7GVB03AuuWMOrrXWx0LpMyW8O69XR2wiPdSUymMxG0jw&sai=AMfl-YRwA0NndKSz8AwkhTLygQN3SyxOl1UdhV_Lr0ns53vevDnDiMq2dPiNX00m62n50PN9t2C81WvvI29Sz9aPRcmQ_liW2NvEZQ&sig=Cg0ArKJSzLeEuOeYfIGlEAE&cid=CAQSGwBygQiDf87YRkyy0f-xO1J12W0t-2LgJpXniBgB&id=lidar2&mcvt=1029&p=0,0,90,728&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3833269039&rs=2&la=0&cr=0&vs=4&r=v&rst=1683114572224&rpt=785&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 11:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A15 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZU-8HgPHf2H_LQR0ZieFeKV_Dq_epJ5cwwWiO7EmWnvL92b2lVtuIphl5-1-ffdgrwUGkTJChdu4qH4VRHVnA8Ahd4vfEoDvpbt7YaO2DMP6ddUJZoCW3qntgr-vvp6phZaVS6Q&sai=AMfl-YTQpJHKWYe-jO5K7gaXMx2hUgqhfi27-Ei6xXQbj9m2EGqF6atTYeSdXqJ2jDFildb1_aGhhgxTPAYN&sig=Cg0ArKJSzLvDzocoyBZaEAE&cid=CAQSGwBygQiDxFUZy5kS-IJCPuggP5cUGdJOfyrpcxgB&id=lidar2&mcvt=1033&p=0,6,250,306&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3624095374&rs=2&la=0&cr=0&vs=4&r=v&rst=1683114572230&rpt=799&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 11:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5372 42 B
64 B 122ms
121ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWKmDww_Uo-aD_3-wQj9SVifHrRrTu39Gmtdi6TLkAoHZJmQY2zWPykpIZkXz2egGBeQU6wXfiBuMPHyQp4I9KlSnH7vbggILpG-lJfQm3TMWYVPoJeK4SE54f-xTm2fHfDhFHdg&sai=AMfl-YS7gwzREWo_JTJksFWblTnp6TYT1xo2VXl9HkfgIaG-XGL6_UcPFAl1LxNYnv9Is8GbhNVlCTAR2CST&sig=Cg0ArKJSzLgZ1lCBhsVaEAE&cid=CAQSGwBygQiDHQXfs6ZxXwhUDkkd4eoek9a6RDQPDhgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1683114573327&rpt=164&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 11:49:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.4d88.asia/	1970-01-20 21:07:54	Name: _ga_DWLGYX9EGM Value: GS1.1.1683114572.1.0.1683114572.0.0.0
.4d88.asia/	1970-01-20 21:07:54	Name: _ga Value: GA1.1.1800719378.1683114572
.4d88.asia/	1970-01-20 20:53:30	Name: __gads Value: ID=c240dcb5419babbc-22e26b01b8dd0089:T=1683114572:RT=1683114572:S=ALNI_MbPHjjr-DGRCJxDI7QAVWqQI0Kp8Q
.4d88.asia/	1970-01-20 20:53:30	Name: __gpi Value: UID=00000bf50af52c39:T=1683114572:RT=1683114572:S=ALNI_MZHTtITBSgyayKI6_t0VFBUouIINw
.doubleclick.net/	1970-01-20 20:53:30	Name: IDE Value: AHWqTUnop_KA5guaFh924NDpQ1laMRxOSop8-Xw7t8tLKjHB0LX8xPNh12KsfRTbnbM
.doubleclick.net/	1970-01-20 11:31:55	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:31:58	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271804&client=ca-pub-6503871500211987&fa=4&ifi=6&uci=a!6&btvi=3&xpc=ObFkwAMFby&p=http%3A//4d88.asia Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d88.asia
adservice.google.com
adservice.google.de
ajax.4d88.asia
ajax01.4d88.asia
cdnjs.cloudflare.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h-io.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:32::36
2606:4700:3033::6815:3c7f
2606:4700:3035::6815:4bdf
2606:4700::6811:190e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3
056c97c7968397ce37f8a8e2ac6b3c154e2b68b1d2dce9f1a89115607fa610f5
0dcdbe7c6cf0e3e305358b39a4d0cdf4c6dd0491c8995c9903cdcc8ba83bcefc
11290427052527d264785822200481546a0394546830a5e9d77b840afc249f9d
11a67b9892320ae6df48efb80939c455785585ab8c0fa33bc37863c4e6a24dd0
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
163da6b91f78ccad8c824ef31e5dbd2a89fb8d93f2381d43faa96acf502ca3e8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19b37ae634c4a792e97e33d7842a3fb2b4eefaec054f7c8b7b937dd04f6cdbcc
1ddac838a6110438d36440194036c2fe51e1c9cc03c172ba5cd08d91c650bbd7
1e0f282faa08f11279bb13888ffe76a265883ab4fc76386325ffd0e321e47d9e
3096d3e8634b031fdb2576f8a437a532231ca891bdd63504249a1d5134b803b7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
386cd90a8e5e21162d51604dbc7b7885ebae91f38515ff1689dab66743a014ec
395750b11e66f47716e9fb08b530a288984b81451a235c5cd32f09ee9521fd86
494b13bfc9ceb6ecf6d533f3b484b1d8ee346db73d6a15352cfafef5a8eb46e9
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
54afab37599218c2b852a03062d04ebdab4e5cb82122e174b25bcef98f007676
55990508f826f39d0e48ff6cea28aa1d33caaa1226ff4af1178d0ec3ef75ed99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56033320c2627c1cf8dd171d623c2bc56233939f82d6ccddcccaf009709dc56a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635ef5e659af84836764880e52b47a36880763892ba79c33c5d167793f2bd340
665ab47d961e9b003260778dcc1a77412e27f10e92e874ee2d53c7532042afe7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6ce74db94f493e014bd1e5ce5d4b349590338bfb25188159a1f8f221eff66b49
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
760476baa26a6287391671ac5812353f611c9eaca89195160f415080befb79b4
7f64d4c059060ec66eec0a979ce45c0b441572a909c528b784ca4eadc2c2d215
81e841344f5e3649ad8b740a7c79247df42228a0de0dc2fdfc8702de255c0842
83d61b3002ca7b05955acdf6b03f3af5a69ce39560c520b2272e4833d75b0d5a
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
91716e5989e757358a4b5a42bdccfea7a512b118ba34f04440b894a2012d9a22
9811fee02a5b0cb1b91774f7de2cd513485ccbe364fd270c3741de94514b85b2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b44313b88d5ab7419f97930393d31a646b524c1563cff394cc1f76920a6f3b
a633bb18a796d87224e05b28166fd25938db5be40eb381c1fdbf0210c62d4169
ac8a8d3fe7049b1534d2bff137f4d3b08c811def9fe5ffbd5ffdefed94fd1ac2
afeebd479c5daf7da6ccc3ef89255096e356c781b50b175736bdefb8c157ba5c
b011d187544f9915fba10ad655b77ea2cabb07fb63fa3f2eca576110e4279f54
b36b8512fa753f91f57f86ec1a9665b5f2f4e43bc4dc52fb04400084cc47d5cd
bbbf15c370f451578555d106e1505fb1a42fff967cb0d59567f2576cd1a2d1b3
c77ea247c5c09ad069bada654d90444cc45d8666e891696c0079661e1638bd8b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d8bf180a14c71468cf9c447c2086ef36c445a74268d8363bc4c4713b2ed11801
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
de0211781c442cb198af1b2eb2e0df4baa16a724b893585a5fbda46f2288c6ca
e29c2cbc0e57c4327c1ff0b6e81ee341f9ee6007723e73a765cedce91022f6d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50372537ef89799b68624931d8ca847de7019a293550e701b2a9a5376a208cf
ea97c1f2395711b1007b7d5280bcc7700c608691584de6095a3399c29b34857a
eb31dd9cad0c6d1da43ea5125cac0077cd94cc76ed4c7c08745102db403a3a50
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eddc51294200539f639b8ef42eac0d11b12bea5ef1672034af8ec7da7af627ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af0ebb42f7cf7169f4a61ff2705d43ab19ea5472b6a266d49a3d88e1a99548
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f4f7e4ad7830197f17e8be633b19315eab373880e345bedb71b7adb3d4b9b103
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb62fff5455c97f66ddb233cfba61136f51bf98e4fbd9ec7c203a62ab1012417
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

4d88.asia Open in urlscan Pro 2606:4700:3035::6815:4bdf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

87 %HTTPS

100 %IPv6

13 Domains

21 Subdomains

20 IPs

2 Countries

1627 kBTransfer

3916 kBSize

7 Cookies

29 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

4d88.asia Open in urlscan Pro
2606:4700:3035::6815:4bdf Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

87 %
HTTPS

100 %
IPv6

13
Domains

21
Subdomains

20
IPs

2
Countries

1627 kB
Transfer

3916 kB
Size

7
Cookies

106 HTTP transactions
7 data transactions