enlifesun.com Open in urlscan Pro
2606:4700:20::681a:e28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://enlifesun.com/2019-12-03-1298/
Submission: On December 07 via api (December 7th 2023, 7:23:13 am UTC) from US — Scanned from DE

Summary HTTP 403 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 73 IPs in 13 countries across 49 domains to perform 403 HTTP transactions. The main IP is 2606:4700:20::681a:e28, located in United States and belongs to CLOUDFLARENET, US. The main domain is enlifesun.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 9th 2023. Valid for: a year.

This is the only time enlifesun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
82	2606:4700:20:... 2606:4700:20::681a:e28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.98.99 143.204.98.99	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	103.23.108.124 103.23.108.124	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
22	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	69.192.160.238 69.192.160.238	16625 (AKAMAI-AS) (AKAMAI-AS)
2 10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	92.123.150.201 92.123.150.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	3.36.186.35 3.36.186.35	16509 (AMAZON-02) (AMAZON-02)
1 17	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	103.200.108.61 103.200.108.61	45530 (AGODA-TH-...) (AGODA-TH-AS-AP The Offices at Central World)
5	34.149.108.21 34.149.108.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
24	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	103.23.108.204 103.23.108.204	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.140.229.62 18.140.229.62	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2600:9000:211... 2600:9000:211e:3000:1b:29b:ed80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	3.121.34.204 3.121.34.204	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2	35.157.241.1 35.157.241.1	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.136.11.74 18.136.11.74	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:303... 2606:4700:3032::6815:42a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	34.111.12.34 34.111.12.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.150.21 34.107.150.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	34.102.218.41 34.102.218.41	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	203.66.32.2 203.66.32.2	3462 (HINET Dat...) (HINET Data Communication Business Group)
14	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
3	34.96.83.10 34.96.83.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.111.170.216 34.111.170.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:9000:264... 2600:9000:2646:8c00:e:aa0e:eb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	54.162.6.25 54.162.6.25	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3032::6815:1aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
403	73

82 2606:4700:20::681a:e28 (United States)

ASN13335 (CLOUDFLARENET, US)

enlifesun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-99.fra50.r.cloudfront.net

s.pixanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.23.108.124 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)
PTR: ip-103-23-108-124.static.pixnet.tw

pixanalytics.pixnet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.192.160.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-238.deploy.static.akamaitechnologies.com

cdn0.agoda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn6.agoda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cell1.adbottw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cell.adbottw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-201.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.36.186.35 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-186-35.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.200.108.61 (Netherlands)

ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH)

sherpa.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.108.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.108.149.34.bc.googleusercontent.com

affiliate.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.23.108.204 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)
PTR: ip-103-23-108-204.static.pixnet.tw

sticker.events.pixnet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.229.62 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-229-62.ap-southeast-1.compute.amazonaws.com

api.mdeianet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:211e:3000:1b:29b:ed80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.34.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.241.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-241-1.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.11.74 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-11-74.ap-southeast-1.compute.amazonaws.com

provider-prod.mdeianet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3032::6815:42a4 (United States)

ASN13335 (CLOUDFLARENET, US)

news2.newaddiscover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newaddiscover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com

ad.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com

uec.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com

ecs.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.66.32.2 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-66-32-2.hinet-ip.hinet.net

s1.pimg.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com

event.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.170.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.170.111.34.bc.googleusercontent.com

log.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2646:8c00:e:aa0e:eb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

res.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.6.25 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-6-25.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:1aa (United States)

ASN13335 (CLOUDFLARENET, US)

api.popin.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	enlifesun.com enlifesun.com	8 MB
47	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	1 MB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	266 KB
23	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	350 KB
22	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445	495 KB
18	klook.com affiliate.klook.com — Cisco Umbrella Rank: 156701 cdn.klook.com — Cisco Umbrella Rank: 113068 log.klook.com — Cisco Umbrella Rank: 84485 res.klook.com — Cisco Umbrella Rank: 88351	175 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	734 KB
15	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 21141 geo.yahoo.com — Cisco Umbrella Rank: 1548	5 KB
14	newaddiscover.com news2.newaddiscover.com — Cisco Umbrella Rank: 602087 newaddiscover.com — Cisco Umbrella Rank: 521273	36 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	124 KB
14	popin.cc api.popin.cc — Cisco Umbrella Rank: 31958 tw.popin.cc — Cisco Umbrella Rank: 96359 log.popin.cc — Cisco Umbrella Rank: 33420 r.popin.cc — Cisco Umbrella Rank: 34110 inrecsys.popin.cc — Cisco Umbrella Rank: 39665	184 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	79 KB
8	tagtoo.co ad.tagtoo.co — Cisco Umbrella Rank: 222202 uec.tagtoo.co — Cisco Umbrella Rank: 477829 ecs.tagtoo.co — Cisco Umbrella Rank: 229932 event.tagtoo.co — Cisco Umbrella Rank: 217532	45 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 mts0.google.com — Cisco Umbrella Rank: 4606	113 KB
7	pixnet.net pixanalytics.pixnet.net — Cisco Umbrella Rank: 213278 sticker.events.pixnet.net — Cisco Umbrella Rank: 481668	108 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	559 KB
6	agoda.com sherpa.agoda.com — Cisco Umbrella Rank: 217830	570 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	102 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	285 KB
5	agoda.net cdn0.agoda.net — Cisco Umbrella Rank: 65493 cdn6.agoda.net — Cisco Umbrella Rank: 54580	502 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	44 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316 dis.criteo.com — Cisco Umbrella Rank: 550	49 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 560	2 KB
3	wp.com s0.wp.com — Cisco Umbrella Rank: 7928 stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796	6 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 30031 api.dable.io — Cisco Umbrella Rank: 27693	25 KB
3	adbottw.net cell1.adbottw.net — Cisco Umbrella Rank: 434709 cell.adbottw.net — Cisco Umbrella Rank: 328607	34 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	622 B
2	popin.tw api.popin.tw — Cisco Umbrella Rank: 201664	2 KB
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	1009 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	mdeianet.com api.mdeianet.com — Cisco Umbrella Rank: 605723 provider-prod.mdeianet.com — Cisco Umbrella Rank: 661520	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3043	542 B
1	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4504	559 B
1	pimg.tw s1.pimg.tw — Cisco Umbrella Rank: 471412	14 KB
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	297 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	713 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	611 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	pixanalytics.com s.pixanalytics.com — Cisco Umbrella Rank: 227859	7 KB
0	tagtoo.com.tw Failed ttd-cm.tagtoo.com.tw Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
403	49

	Domain	Requested by
82	enlifesun.com	enlifesun.com
30	pagead2.googlesyndication.com	enlifesun.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com news2.newaddiscover.com newaddiscover.com tpc.googlesyndication.com
22	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cell1.adbottw.net news2.newaddiscover.com enlifesun.com newaddiscover.com
18	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
17	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	ads.yap.yahoo.com	news2.newaddiscover.com cell.adbottw.net newaddiscover.com
13	fonts.gstatic.com	fonts.googleapis.com
10	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	newaddiscover.com	cell1.adbottw.net
8	cm.g.doubleclick.net	googleads.g.doubleclick.net enlifesun.com
7	cdn.klook.com	affiliate.klook.com cdn.klook.com
7	static.criteo.net	ads.eu.criteo.com
7	www.googletagmanager.com	enlifesun.com www.googletagmanager.com www.google-analytics.com sherpa.agoda.com affiliate.klook.com
6	log.popin.cc	enlifesun.com
6	assets.ad4m.at	as.ad4m.at
6	news2.newaddiscover.com	cell1.adbottw.net
6	sticker.events.pixnet.net	enlifesun.com sticker.events.pixnet.net
6	sherpa.agoda.com	cdn0.agoda.net sherpa.agoda.com
5	affiliate.klook.com	enlifesun.com cdn.klook.com
5	www.googletagservices.com	googleads.g.doubleclick.net cell1.adbottw.net
5	fonts.googleapis.com	enlifesun.com googleads.g.doubleclick.net sticker.events.pixnet.net
4	res.klook.com	enlifesun.com
4	scontent.xx.fbcdn.net	www.facebook.com
4	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
4	ad4m.at	as.ad4m.at ad4m.at
4	www.googleadservices.com	enlifesun.com
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	imageproxy.eu.criteo.net	ads.eu.criteo.com
4	region1.analytics.google.com	www.googletagmanager.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	cdn0.agoda.net	enlifesun.com sherpa.agoda.com
3	r.popin.cc	enlifesun.com
3	event.tagtoo.co	ecs.tagtoo.co
3	ecs.tagtoo.co	ad.tagtoo.co ecs.tagtoo.co
3	c1.adform.net	3 redirects
3	api.popin.cc	enlifesun.com api.popin.cc
3	www.google.com	enlifesun.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.google.de	enlifesun.com
2	api.popin.tw	api.popin.cc api.popin.tw
2	log.klook.com	cdn.klook.com
2	www.awin1.com	as.ad4m.at
2	d5p.de17a.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	connect.facebook.net	enlifesun.com connect.facebook.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	cell1.adbottw.net	enlifesun.com
1	s.w.org	enlifesun.com
1	inrecsys.popin.cc	enlifesun.com
1	in.treasuredata.com	api.popin.cc
1	geo.yahoo.com	enlifesun.com
1	cell.adbottw.net	cell1.adbottw.net
1	s1.pimg.tw	sticker.events.pixnet.net
1	uec.tagtoo.co	api.popin.cc
1	ad.tagtoo.co	api.popin.cc
1	tw.popin.cc	api.popin.cc
1	pv.medialead.de	as.ad4m.at
1	provider-prod.mdeianet.com	api.mdeianet.com
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	enlifesun.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ajax.googleapis.com	api.dable.io
1	mts0.google.com	googleads.g.doubleclick.net
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.wp.com	enlifesun.com
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	cdn6.agoda.net	sherpa.agoda.com
1	api.mdeianet.com	enlifesun.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	stats.wp.com	enlifesun.com
1	s0.wp.com	enlifesun.com
1	static.dable.io	enlifesun.com
1	pixanalytics.pixnet.net	enlifesun.com
1	s.pixanalytics.com	enlifesun.com
0	ttd-cm.tagtoo.com.tw Failed	uec.tagtoo.co
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
403	90

This site contains links to these domains. Also see Links.

Domain
facebook.com
instagram.com
youtube.com
www.tkqlhce.com
www.agoda.com
www.hotelscombined.com.tw
chrysie.pixnet.net
enlife.pixnet.net
www.booking.com
www.instagram.com
trace.popin.cc
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
www.kkday.com
pixranking.events.pixnet.net
achang.tw

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-09` - `2024-02-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pixanalytics.com Gandi Standard SSL CA 2	`2022-12-13` - `2023-12-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pixnet.net Gandi Standard SSL CA 2	`2023-07-10` - `2024-07-13`	a year	crt.sh
*.agoda.net GeoTrust RSA CA 2018	`2023-09-26` - `2024-09-25`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adbottw.net E1	`2023-11-06` - `2024-02-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.dable.io R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2023-10-27` - `2024-11-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
agoda.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-30` - `2024-09-28`	a year	crt.sh
affiliate.klook.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.events.pixnet.net Gandi Standard SSL CA 2	`2023-08-15` - `2024-08-27`	a year	crt.sh
*.mdeianet.com Amazon RSA 2048 M03	`2023-10-26` - `2024-11-24`	a year	crt.sh
*.klook.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-12` - `2024-03-14`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
newaddiscover.com E1	`2023-10-30` - `2024-01-28`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
ad.tagtoo.co GTS CA 1D4	`2023-11-02` - `2024-01-31`	3 months	crt.sh
uec.tagtoo.co GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
ecs.tagtoo.co GTS CA 1D4	`2023-10-09` - `2024-01-08`	3 months	crt.sh
*.pimg.tw Gandi Standard SSL CA 2	`2023-01-12` - `2024-01-25`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
*.tagtoo.co Go Daddy Secure Certificate Authority - G2	`2023-04-14` - `2024-05-15`	a year	crt.sh
log.klook.com GTS CA 1D4	`2023-11-12` - `2024-02-10`	3 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2024-03-20`	6 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
popin.tw GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh

This page contains 39 frames:

Primary Page: https://enlifesun.com/2019-12-03-1298/
Frame ID: 592B5CDAB94958093E5147BF8C751E85
Requests: 167 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html
Frame ID: 4E5AD2D1C7BC60B0973934D08C8690AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&adk=1812271804&adf=3025194257&lmt=1701933783&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782764&bpp=4&bdt=276&idt=229&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2614163686850&frm=20&pv=2&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: F64339898556C4D6F395F47C3D007AA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=350&slotname=9335931323&adk=3900778249&adf=2815497077&pi=t.ma~as.9335931323&w=740&lmt=1701933783&rafmt=12&format=740x350&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782768&bpp=1&bdt=280&idt=315&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2614163686850&frm=20&pv=2&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=326
Frame ID: B4EEF6FE6E072C7615C87616FA8B5046
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=280&slotname=2770522977&adk=772300056&adf=3663673752&pi=t.ma~as.2770522977&w=740&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=740x280&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782769&bpp=2&bdt=281&idt=339&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x350&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=342
Frame ID: BBDC10154FDB950A518A1D7B29DF9C93
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXFy1wACCygI9l-9AAKZnoB9wZefcIrAnqDPmg&u=%7CB8TT%2BEPq0Wu60OmCtu7WKroYsdXff152VADk6RVY4As%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864LDdMDxl706lV0kV9nMzFmYfPEmuOQ5qhw2WA0Rh9Dvd9R6-lvnl16JhV5voLRNnNn-09UmJF0_d4OHk1F0yqDUVY8slCOhdzjVR2fVKytgiMe0E-_Cp0Q2iAMdAyZkAJ7gASSLzhd3SdVPHDapk9cDzxoTNukKKFhStLJ3js3aC2zHiLaw76PHqcg_qivHhW_Yi95war_30kxqhDksS2HI3ATnQCn9Q8OEkTvRuxFHLOidpc-GH14eDnU64vHAKwUV73wm04ZlvUBU52DzFVWgtDXtrTKcwYPiD55JQkGfp3sQMemQwhJpoBlS_IbW_zeTpV_VulwHVUt-UVnk-3igItBfAgoX0c7OmfI-LoZ0No-4ylfX2qwbIlIFTW2bLnhzuYq4iNJKpiVbwvzqWtiwEJt_rqzEePcMuD8EnNQXvQtBl1Uj3v3ksNxedyTROaK9oSNWze0xViShzYRBLjZ30U3XMyNsqY86iB4G74nfOMU6AHLQtC4qIQuJnArJEUq0D32n5PcB9Q5LhKJYbv_qjExwSfQbQXKrNhl3pyaN7Fz7jf1KfnM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4lUO13JxZaiWCL2_2fcPnrOKqAfJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5Njk0ODg2OTYyMzUwMTDIAQmpAhDXAM-3DrI-qAMByAMCqgSJAk_QBE9cwZD78hfMhIzG4R0sVhTuXW2koL-sPTLZGtmdYyxEPPZJR8e0rBCLiq3w0pK3WePXTmds_YvmLx-PuijIzYKOcCVXuTJzF38xrG9hN8yLHSHIEzrvPC4HZpClGca6b4j9IGCWq7TKCNB4-A4yFik4A18UmM8AnsuAJEcBazelpAX2Z8sDe_IEp_BAdY-K11pHnfdduEnSozJMqYmE5CVf3X9_-l5ZV4hVY4Ju-cLJelVzjFN9fzNjr7XmxBqQVjs8QrGALcburNpIZLD3ZUhVkUQr0ga8rmp4uSihiwf7hA5c40a8rV9JM66Kgjzd-Cvg_tugM7mP8_rtS2ztLMGHJhvoKEyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_kcy05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tEf0prvEibMhhWkrh3sKV1v7zGQ%26client%3Dca-pub-8969488696235010%26adurl%3D
Frame ID: B0ADD93DE7816269E62C2C448CE8A8C1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
Frame ID: BBE1D6DE4736882E46FE10AAD764A64B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12
Frame ID: 8EE56E27DDC01A16B75FF4E3FE5AFCCA
Requests: 14 HTTP requests in this frame

Frame: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Frame ID: BFD54C74CA7901F93D4A954EF321AC5E
Requests: 12 HTTP requests in this frame

Frame: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1
Frame ID: C05FAB995A54EFA7FC81D9B4BE8B0BE7
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D
Frame ID: 6A87B78BEFD7B93B362C7EF73994ECAE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4D01768987295E0F258075F1B9AD16C0
Requests: 9 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/klrvWmGl/users/00000000.0000000000000?from=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=achang.tw&gdpr=1&service_id=10289&service_type=blog&country=TW&client_id=1598&lazyload_widget_ids=%5B%226Xg1eR7N%22%2C%22plqN36YX%22%5D&randomStr=93c6a542-150f-490e-ba31-9877204c5552&id=dablewidget_klrvWmGl_plqN36YX&category1=%E3%80%8BGO%EF%BC%9A%E6%B2%96%E7%B9%A9%20Okinawa&author=enjoylifeSun&pixel_ratio=1&client_width=740&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 96D7A826B5EF64C6179433C5D7DBE9E1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F902BEA5A9AE34E7E80F44D12CF36377
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df221ab0efa5da64%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey
Frame ID: A7D055F86DA6B3EFE790DD6932A6B7AA
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cb8620611c4%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 3D650ECABBD18E85DA0155F3A35ADD5B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Frame ID: 4F062EE62FEC552F63A7855068FD9DF4
Requests: 12 HTTP requests in this frame

Frame: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1
Frame ID: 4BD0127A50C4CB8183FE058CCF3E0246
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDBAE9CB84DBD86789D01F75C88048F2
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 0332D4E7E42EC6DDDED9E63A1C9149B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1C3957801021506EE8A80BBE20029981
Requests: 1 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784
Frame ID: 0801E226DE13C1A35596A0E2965535F8
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Frame ID: 8E513D8AF76842A5E69F5BFFA737D1D7
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Frame ID: 3F6FAED4E55731629675F0DECD374BBE
Requests: 11 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784
Frame ID: 1EDA874F4060D1B09650A3AE3F6CBE43
Requests: 4 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784
Frame ID: 4E812A228D4D130BEE75EDA61C484F14
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53s&cb=1701933784
Frame ID: 5AD7F9A1D730D652A34FFB647D85433E
Requests: 4 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784
Frame ID: C6E605355710C5F3D258D5093D391E8D
Requests: 4 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784
Frame ID: 8AB37CDF72CB0C0882413F13F91F0A55
Requests: 4 HTTP requests in this frame

Frame: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784
Frame ID: B32E0FAAE2729CD1C8C791CE104F72D6
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=55&cb=1701933784
Frame ID: 81A7D48687E4BB1B627EA1E8F8555A95
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D13D579D3708506BB4448232BDC2D685
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9151AABD6C522FD01569D09D59FEB2D9
Requests: 2 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53su&cb=1701933784
Frame ID: 01DEB195B705E8F1999D35C1A8B9E857
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53sz&cb=1701933784
Frame ID: 6157A323D914137A07256A8EAB965465
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53m&cb=1701933784
Frame ID: 4B07EF46A917AA75FF6D7D7A1973741B
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53mu&cb=1701933784
Frame ID: CE144E5632471480C39BAC2F49F0110B
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53mz&cb=1701933784
Frame ID: FF304C92A9FDADE6DB9C06BE8F7A8FF5
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=53&cb=1701933784
Frame ID: 3FAE4D7E31644E8D10C76B3414CF9748
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

沖繩景點｜備瀨福木林道（備瀬のフクギ並木）：走進擁有兩百年歷史的福木林道，與充滿福氣的樹木們一起呼吸是多麼療癒啊～ - 享受生活不無聊。規小孫

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

403
Requests

96 %
HTTPS

49 %
IPv6

49
Domains

90
Subdomains

73
IPs

13
Countries

14759 kB
Transfer

23597 kB
Size

44
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/enjoylifeSun

Search URL Search Domain Scan URL

URL: https://instagram.com/enjoylifesun

Search URL Search Domain Scan URL

URL: https://youtube.com/enjoylifeSun

Search URL Search Domain Scan URL

URL: http://www.tkqlhce.com/click-9122964-13293315
Title: Skycanner機票比價

Search URL Search Domain Scan URL

URL: https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1640878&hl=zh&city=717899
Title: Agoda累積A金卡

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Place/Okinawa_Japan.htm?a_aid=212741
Title: HotelsCombined比價

Search URL Search Domain Scan URL

URL: https://chrysie.pixnet.net/blog
Title: 小林郭郭

Search URL Search Domain Scan URL

URL: https://www.agoda.com/zh-tw/pages/agoda/default/DestinationSearchResult.aspx?pcs=1&cid=1640878&hl=zh&fbclid=IwAR3bBRtc18BpMdlXNYhjAhapKwuQX7lPn48gk6VASWdXZmn-QZVsZ2MH7Co&selectedproperty=1200300&city=717899&checkin=2019-10-30&checkout=2019-10-31&adults=1&children=0&rooms=1&los=1
Title: Agoda查房價

Search URL Search Domain Scan URL

URL: https://www.agoda.com/zh-tw/pages/agoda/default/DestinationSearchResult.aspx?pcs=1&cid=1640878&hl=zh&fbclid=IwAR244Cs_6tonC0dpq2RwRFopm3TbjOYKv9ycv4zYTdKsWYLzhUwUUPmmSww&selectedproperty=5436601&city=717899&checkin=2019-10-30&checkout=2019-10-31&adults=1&children=0&rooms=1&los=1
Title: Agoda查房價

Search URL Search Domain Scan URL

URL: https://www.agoda.com/zh-tw/pages/agoda/default/DestinationSearchResult.aspx?pcs=1&cid=1640878&hl=zh&fbclid=IwAR1Qjsd-Xg565DnYrC8I8BmekpxORCSpS28Cg8QU53zAHSM8Z5Yb99hfbIg&selectedproperty=59191&city=717899&checkin=2019-10-30&checkout=2019-10-31&adults=1&children=0&rooms=1&los=1
Title: Agoda查房價

Search URL Search Domain Scan URL

URL: https://www.agoda.com/zh-tw/pages/agoda/default/DestinationSearchResult.aspx?pcs=1&cid=1640878&hl=zh&fbclid=IwAR0Do3Fl_uwY2kmsu0gtAlBtabEWmVH6bl1UJY_B0LEhR20DrjGCqfVrLVg&selectedproperty=4579169&city=717899&checkin=2019-10-30&checkout=2019-10-31&adults=1&children=0&rooms=1&los=1
Title: Agoda查房價

Search URL Search Domain Scan URL

URL: https://www.agoda.com/zh-tw/pages/agoda/default/DestinationSearchResult.aspx?pcs=1&cid=1640878&hl=zh&fbclid=IwAR3bBRtc18BpMdlXNYhjAhapKwuQX7lPn48gk6VASWdXZmn-QZVsZ2MH7Co&selectedproperty=1846502&city=717899&checkin=2019-10-30&checkout=2019-10-31&adults=1&children=0&rooms=1&los=1
Title: Agoda查房價

Search URL Search Domain Scan URL

URL: http://enlife.pixnet.net/blog/post/120072417
Title: 海邦丸

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Hotel/Trip_Shot_Villas_Hamahiga.htm?a_aid=212741
Title: Hotelscombined飯店比價

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/jp/trip-shot-villas-hamahiga.en.html?aid=1744483&no_rooms=1&group_adults=2
Title: Booking.com訂房

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Hotel/Ala_Mahaina_Condo_Hotel.htm?a_aid=212741
Title: Hotelscombined飯店比價

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/jp/ala-mahaina-condo.en.html?aid=1744483&no_rooms=1&group_adults=2
Title: Booking.com訂房

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Hotel/Hotel_Nikko_Alivila.htm?a_aid=212741
Title: Hotelscombined飯店比價

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/jp/nikko-alivila.en.html?aid=1744483&no_rooms=1&group_adults=2
Title: Booking.com訂房

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Hotel/Lagent_Hotel_Okinawa_Chatan.htm?a_aid=212741
Title: Hotelscombined飯店比價

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/jp/razientohoteruchong-nawa-bei-gu-hoteru-hosuteru.en.html?aid=1744483&no_rooms=1&group_adults=2
Title: Booking.com訂房

Search URL Search Domain Scan URL

URL: http://www.hotelscombined.com.tw/Hotel/JR_Kyushu_Hotel_Blossom_Naha.htm?a_aid=212741
Title: Hotelscombined飯店比價

Search URL Search Domain Scan URL

URL: https://www.booking.com/hotel/jp/jr-kyushu-blossom-naha.en.html?aid=1744483&no_rooms=1&group_adults=2
Title: Booking.com訂房

Search URL Search Domain Scan URL

URL: https://www.hotelscombined.com.tw/?a_aid=212741

Search URL Search Domain Scan URL

URL: https://www.booking.com/?aid=1744494
Title: Booking.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/enjoylifesun/?hl=zh-tw

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=216f53785f89026975098d26f44e8674&acid=25852&data=U592_FDAt9uoVSm_IkjCbWB5B-1hHoL5VdzOwr2gzGsOsX60Dv0Xg-2xntvsCOL55zKqpOdZRfo3xOtgpco6pbYIUvbhNGoYRClyuuOt-i2A_eUIfqErLNX49Mjs1hzCnEjbcKjWldQVD9g49wP0bmScNeggeuGHCzbykRLx4IFcvdshxMQ7-jz_v3V_6gzr5MRfJE0lYZuIZrPIKuU2jfeM01dGmywt2lm9QJV2v1nSfAzdPkSGLZOnpe-RWeA-dM2fIE-EJg3qBrDZelJ2rx-IuonT3_dDvjLE4O3Fx2c4OBKd6nicMXIT4GhBFyFxK5DAR0in_2GaEwzoSydhHCeVV4ZtBVuumpfkcNKvpGFrNjY1I1hkMQg6mbALNwCCYDhQaNi8M6HFVc7wPEJrUeltOjlVwK2jaYyxpP1Ggc09m8afX4W0lMy_H6nOuKxVobJMusqAO9rNcbwv0j089uXCdnjq8h50lH1u7KgAQzXh4bXtDHzPCqfkRLWQszOuW9kcUWfkIvsJlDFf88NzKMlFwKtYjcXdC1l_Q9z4Q92ZCkZxEduIglluDzhd6g9fWroo45cHOLADiMRJe794pzQxlbys57DtiJMiZeu4Xs3q_MPrPx9f88CBhkG-zCOLCjSrP-4SGq7wYqMnXRzxxScGsqbBaXKFxPYNjbGR3YpFrAOVcFRqdKpejdakggu8vArCZika7xglH88WibwRjnfVfWQU5eVTjpVedUnLIJixakOC_EJ5WH_VogyHBheYYkpFQQmCu2pYMMgG3tmWzHFlitavNxp8e0dUAD_ysqVjS6Vn3-a_tOpeF2A4cjTxAd_O7cc9-6C1n2bF9iVZgH6sJdmWJ47JbwerLmuU_PWhHUhna8d5CYKzQbpt7qSkT1oFBMRlw2bwJM_kImnVOw&uid=7c30c0327ee8917fb071701930185055&mguid=&gprice=FBKbvHz27eUnpyFRWCCzeQzzvYzzcILrXUKBQfsetMI&pb=d&uidct=1701930185055&uu=7c30c0327ee8917fb071701930185055&tst=1701933787756&ppvs=6&tss=5&aps=1&rp=1&fs=3&bs=3&caid=standard_pc_3x1_big_word

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=c7e14aa7ba285ebf3fdb98b1893e35b9&acid=25852&data=lu9cOskpwNaXXAwQFgDljeh2fIe0nHLy6VdOLqYxUQAj3c3nYLwtTDO9JN2m4LZmNkMNNoaTu5FfG4xudK_97D1Xy7qGTUImdwbbGOA6c3lr50SF7AMMc5YmTyD_CqmXDzbUTWO5_dmNs-QHhkM6MyZCoPOS97vMgntMOwkJsm96xh9dikxKAC60d7YQBjdfm-8Trjt1NDxAgTUCcAGiXqwu1sUgsIlGb8zmgHN6MKOU2PZykQeOBF0FEkmVacuBPmR4YeNqFO57lvak5A0-Q6RgiUGjktzoHBVSI7M-zA5HbGwP0AfVUgULkSTaUtXy78c9nMzokN18MH9k3rkqhfDv7WiHDV9mTUGWpx6uFlKQtr-SYShVmqOA7uXLLii1LaQsAxRTdqxsZ2ktvqL5rjUn2Xx8FwnWyM7Sl1aZIFvID0JpcL8EWel0MYYKWVczsQgGvT7IRZz6Xt5nt-IeRMj7Y8wrdFjrEGnhDTQ8jxWcwh__3fC9m48ugFjs-XXGOfSFHwhxBk-txlBjVVjX_HHQWdYVcQKvXb8tl4Oq_UTpxEdyuBX0o2VpcmYhQG1yA-FNsFLx9PyXi2I8FrheyGBIop-3M5WJCc6Xwyn-LPZf1jrfXpbvr0Ies5heB0MC_g66Vw-vi4A0dlLyc9ocQUREZQyOKuld6EpskPTyELPDtiGbB39ZN-fnroQKh1L65lz62lKY4GPh1uEoRWPQytWmWGxU3BY6PQhRTHoU11hZgnt2FleKPu4kuyhKWZyL2ZTJmzkoOJYvfwKEFjUEzquxT8j2TvEhRl-qvfQ7DiIVjM6hLjv9EJo5txdPlCpWvfFmC0PWZPiO5ad8MDKS1zaN8kxs-nednWvhRpvTutPMhSt95Lt0R4wAr-NHY79fTk1VHLCy9sW2a1Md5MKlug&uid=7c30c0327ee8917fb071701930185055&mguid=&gprice=FBKbvHz27eUnpyFRWCCzeQzzvYzzcILrXUKBQfsetMI&pb=d&uidct=1701930185055&uu=7c30c0327ee8917fb071701930185055&tst=1701933787757&ppvs=6&tss=5&aps=2&rp=2&fs=3&bs=3&caid=standard_pc_3x1_big_word

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=bc7740f3adf7fd997692a5a53eef40aa&acid=25852&data=ksru-5_pmg3Mb-MotSjh4f9n46a8CqgRwWQlaOA0FCuEDrtXn_nS6flTyFkVs2Z2tAX2bwBp7swKLoxq11ywUG33m4vydqiOZpIzvAaJG4lsTTPoFUwh7Pw_gqTO-8KDhTzBCKAw8-uxn3FIVjX5OgWPeviih5b6p8Hyu40Ok66MlUWNaqpRrpU1JramV27prdO2ZQLfzvNrLm8ZBzBaJSmYAPkiLCU8Ok7OfMuTvJ9eRVHTWa9AKnstOWlkEoZDPqjWAXgka-IwFSk4x4KheIaORLdhM8vHZ7vylKwyH56WWcR8-3BGifSKNiml2szEUQBFOxKzbR0UtViWsOPR6_RipMOEVIrK-CrdpY_iDv_wHetiwZb0d44VW4Q-1stif8UhTDolCCVfa7OdtstttI3-wpuT_gLuCvZTJC-elQxlM-OuL2mQ_s_AvwuC7ql-walHSsNgsmUh1Ew0kK-3n0GiWjPwnvjK04x6Lb7STlnuz8ewnEE9K3LQJ1BgvggrPS5JaRqh48xQCTONxTknSjbc0Wb6DfmG31AL7xOELuMBpyleFHNO3-VzCgE53in6TJWMMO94w1a-7Caq9CdBPyA9w2pBSJF7jY-UOGUThn0pXv_WmPJRVrUE8E0R9ZuPzT1sAMn8WjgolBs0yik_sMURljh1FsrRQnBXY87Z5U1mIq8HlES7es6UnqfOfcoQ8PQmynXwmFmkH_gNffAyfHq_Lzr3kn54tBILfQ5gHnhiuBrxnD7KhL3EYCq4d65qUrBXtMTW2Sc7SQ3rKkkP0_tbSTUH8rRepBjsTrAD2b3NUSqdKsGhZuatvQCtT8EoUuCvA1lpUzbzOxDFDyEPIOW41W0GFGDbQW7XVmjH-MY&uid=7c30c0327ee8917fb071701930185055&mguid=&gprice=FBKbvHz27eUnpyFRWCCzeQzzvYzzcILrXUKBQfsetMI&pb=d&uidct=1701930185055&uu=7c30c0327ee8917fb071701930185055&tst=1701933787758&ppvs=6&tss=5&aps=3&rp=3&fs=3&bs=3&caid=standard_pc_3x1_big_word

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://enlifesun.com/2019-12-03-1298/

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Check%20out%20this%20article:%20%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20https://enlifesun.com/2019-12-03-1298/

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://enlifesun.com/2019-12-03-1298/&media=https://enlifesun.com/wp-content/uploads/pixnet/e878aab466ce3515ecada0b7083a3a5b.jpg&description=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://enlifesun.com/2019-12-03-1298/

Search URL Search Domain Scan URL

URL: https://www.kkday.com/zh-tw?cid=7635

Search URL Search Domain Scan URL

URL: https://www.instagram.com/enjoylifesun/
Title: enjoylifesun 我們是小孫＆菲菲，喜歡旅行也喜歡美食，更熱愛一切能讓生活變得更美好的事物，目標是一起旅行一起慢慢變老：）

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C0gItCtPtuh/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0br-oiPxUg/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C0ZO4V0vw6o/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C0TTOVCvnIE/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C0Q5m_YPOyM/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C0Nj6ZrvIDc/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0MRlS-P-mq/
Title: . ♪ 空間美餐點優 . 適合聚餐約會 ♫

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0K7pRvPWn6/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0HRBWAPdJo/

Search URL Search Domain Scan URL

URL: https://pixranking.events.pixnet.net/personal?utm_source=personal-medium&utm_medium=sticker&utm_campaign=achang

Search URL Search Domain Scan URL

URL: https://pixranking.events.pixnet.net/personalrank?utm_source=personal-medium&utm_medium=stickerrank&utm_campaign=achang

Search URL Search Domain Scan URL

URL: https://achang.tw/
Title: 阿腸網頁設計

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 151

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM HTTP 301
https://tpc.googlesyndication.com/simgad/9582802623576457529

Request Chain 173

https://googleads.g.doubleclick.net/pagead/adview?ai=CCvn813JxZc-RC83Dn88PjcGPyAOp_6DQdL6K-JvwEaOener_QBABIP3Y-CJgleKQgqAHoAHor-yIA8gBCakCxtrxx_gNsj6oAwHIA8sEqgSUAk_Q5QmibkfzlvCsp07OZWYzq5i7r1TShyLdj0ox8D7Bb0RdPAWa_dWews8zd_3VdazZmEc8yog06csLEqNI3oJiRyIGPVXrg9NLii6wJjake-Pxf3zHODAFE1Qq8w2JYM76uUWXZApHhciNhXAld3ODlnjin8RhptFQAJLqE34UsBzji8fskw9a5u3WoYM06bTmlys7XZYlicigiI2HK7pXy7IJaJWiop7aERMyFwI1MYf8nlU1PEx8D31CRaLJwrYdpwSkzo17a4Bt2Dj6UHCbYLhGTM8SrsGsva8lX8vWcXmr9QSSCZYdyCTz5SIdZwleA3hB6QRRnICxqHgftamS1fINeEXAUOWp_jSM22lA6tT7D8AE6Kr09cIEiAX6qeyRTZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA0JN3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEMLkENIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY6Y_LtOX8ggOaCR1odHRwczovL3d3dy5uZWJ1bHVzLmJpei9kZS9kZYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAtgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04OTY5NDg4Njk2MjM1MDEwGAA&sigh=GcA9SaVpGrQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNCeSHw0bKZaCVCTrfGDPjKwl2dc9JLtoZfXhi4y4HzhiohUxXPhI-YGfWPZkpWvM6ki5bIxQAlF_DK3Js_6Uj-UgkmH85qDriPRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224292857751117837451%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217969246588246655137%22}&andc=true

Request Chain 181

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG491_rGRD9sSFav1v852Ec_esPjpvtZO8fs8Xp0c9fY5p_maYjXWq2yJlz8 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG491_rGRD9sSFav1v852Ec_esPjpvtZO8fs8Xp0c9fY5p_maYjXWq2yJlz8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDhpUDFZSnExUmI4SVU1&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG491_rGRD9sSFav1v852Ec_esPjpvtZO8fs8Xp0c9fY5p_maYjXWq2yJlz8

Request Chain 183

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERkY2URCbr4ycE7VPoqVKA&google_cver=1&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB0YCiFyQ98ERal356eQ0c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB0YCiFyQ98ERal356eQ0c&google_hm=jg-_IyCERUKXisfcESykbCU

Request Chain 185

https://d5p.de17a.com/cookies/google?google_gid=CAESEDQ1k2ntzJhtiqaRZurBI8I&google_cver=1&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDQ1k2ntzJhtiqaRZurBI8I&google_cver=1&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw

Request Chain 186

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFK8FEoCNfHvpykvATID9Yc&google_cver=1&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1yWLBEGpBo1wixvbBi4STo3w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFK8FEoCNfHvpykvATID9Yc&google_cver=1&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1yWLBEGpBo1wixvbBi4STo3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1yWLBEGpBo1wixvbBi4STo3w

Request Chain 227

https://a.tribalfusion.com/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 228

https://um.simpli.fi/gp_match?google_gid=CAESEHTwoj5ez6T6MH_Ysrvbk_U&google_cver=1&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOLaNDM8RRlMK8csBmo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F82A6A30FE498A9BB2B33B6A1B978D&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOLaNDM8RRlMK8csBmo

Request Chain 230

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECiAyhf3d5AOlr_IeqLQGEk&google_cver=1&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuoxvmiVF6ztttf9Qvqg-mJgGzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuoxvmiVF6ztttf9Qvqg-mJgGzw

Request Chain 237

https://googleads.g.doubleclick.net/pagead/adview?ai=C2W7i13JxZbC2KY7bn88PzNKbiAj89Yu-dPfHyIH2EWQQASD92PgiYJXikIKgB6ABvIbNuijIAQmpAsba8cf4DbI-qAMByAPLhICABKoEmwJP0OGpnVoRteJvYzkqdM4ljqlUKuj_mwnmybSxiq0IZe-SK1KdK79j5dTgss8fl3tRjKz9l_cxkIzWYjLmZbVc6gB0m0gTFaes4Z6Z9_qP09JHP4D61FQVio1y3vgo3YaRWptdsD2ZNoPsOo6z4rnt5245EchBOsHcDCnbpQKcIRz6is8r-3iIKm4fjXPkqXNDXPiU1KCAu1FJ4fV9TVYPEOU-pjnz-VI4vasPGzE-M0NVFWXf7maYv6a5RiY2iRp4IEvsFvf9hjlG98Hs6_g_37xi9Mw2MFUv4VSr2W8P9iMadthcdyRjrdG9Ed3D8sc7u3MQTutXkuWvwg5UoPYhH8ebG6fFQYrzIrrpIgY77Zh2F70sS9M2YLFGwATur4efsQSIBaXG9L9MkgUECAQYAZIFBAgFGASgBi6AB7y-nZoDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQg5cE0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliTpOm05fyCA5oJJ2h0dHBzOi8vd3d3LmJyYXV0Ym91dGlxdWUta2F0aGFyaW5hLm5ldIAKAcgLAZgMxuSGn7EEogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04OTY5NDg4Njk2MjM1MDEwGACyGAMiAQA&sigh=js9AcrobHcE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNPD8i3_J0d4Nip0nT0KsOm3IihJW6ciEICMhqVkngfUs8KXXcpn7CkytSz8_qPOxCM4bw6j8JKRgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212244606111181863934%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210860315452%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214800182668319673425%22}&andc=true

403 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
enlifesun.com/2019-12-03-1298/ 288 KB
69 KB 317ms
274ms Document
text/html 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4503d1857ad021a48b44c69ff615df915ba66555a503054bea02bf2786dd3e3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b055add4b367a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:02 GMT
link: <https://enlifesun.com/wp-json/>; rel="https://api.w.org/" <https://enlifesun.com/wp-json/wp/v2/posts/1298>; rel="alternate"; type="application/json" <https://enlifesun.com/?p=1298>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5APPktuDz4tzg92k9geqoqWH20e4TY%2BwHcvIh7QiFFYilQJoD30WHzeCkv%2BHVUq5aRXbYly0TJcNBy8jV4LpXdZkrHH5lwRc2Z2Q0pegQY3BhcoarvTmxL2VDJaN1R%2Br0KN%2F%2BIpVawW85jl4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 sbi-styles.min.css
enlifesun.com/wp-content/plugins/instagram-feed/css/ 33 KB
5 KB 27ms
24ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.6

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlATHkoF0VoOW3i%2Bq36y%2FJx2Zy9rXO5FkNNjpPrCunUHY4bydbQ8unPxPAkdoxFldlYwE9EeLZ1J8i6Pe6%2FIYef7F20Whv0Ld94iNbqzma9Yn2qFTrngs4du7IlSFiX6ivia%2FTbkCtKDyWbG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce863367a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H2 200 style.min.css
enlifesun.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 32ms
30ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424155
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:58:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NriUdGoUDsZuJOCNA%2BzHHGUf5lSFHDszEhPTc%2F1pH2AHj1%2BwUnpFSSOVRNXvZKvthzmmyTRD9oOaQ%2F%2B2D3y%2Bic221MEw6vx66gM0qep1xdyxRw6r2DfV2ifVyO%2FaJ6t45tkFlU86VUdjWmgz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce865367a-FRA
expires: Thu, 07 Dec 2023 03:02:57 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
enlifesun.com/wp-includes/js/mediaelement/ 11 KB
3 KB 34ms
31ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424155
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmvHQ0eNBXHwUupK%2BEvmK7%2BrHmMrsivS8eR7WblSDjeo21AUNIqSPxppvXUKgVUexljtfVSA4KmsfIM5lETlN5EIAjN810TayN36nVSZt01npD16JUHLGfIw1QpFT1M98vCEKP5EP5t%2B%2BV%2Ft"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce866367a-FRA
expires: Fri, 08 Dec 2023 02:53:32 GMT

GET
H2 200 wp-mediaelement.min.css
enlifesun.com/wp-includes/js/mediaelement/ 4 KB
2 KB 36ms
33ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524228
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhYxGBx0l%2FzyhW7aXmt5IAiy9sB%2BU%2FhoKNuW%2FBATQ7UGrq7EKZI%2FX1m75qUcQfMzVNQpNNB6pypcItGSwSKrYY6tTLRGWZIGxBuNBnOaCZgfd7YVfJAwb9qm8NACcd9%2FunzWwfD5FDYxGafC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce869367a-FRA
expires: Sat, 02 Dec 2023 02:39:33 GMT

GET
H2 200 style.css
enlifesun.com/wp-content/plugins/achang-ft-btn/css/ 1 KB
744 B 30ms
27ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achang-ft-btn/css/style.css?ver=1701768818

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3a3c10659d379891d1172383404fb727570679775339c140aa0d7375274ea9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:33:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipHmg%2BmgoU09oSABgSAfHXNvvm3QZHHvENOF3ixP%2BMEohQYck8q0HEx7oxhei2VHkI%2FkCi604nMCBufeaw68mI%2BVbk1A68hgc0n0OsqH407gZ9f5SYzOKFUE2Hwv2xk3gPlus8l0IsJ%2F5p1j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce86c367a-FRA
expires: Tue, 12 Dec 2023 09:34:25 GMT

GET
H2 200 style.min.css
enlifesun.com/wp-content/plugins/achang-related-posts/ 2 KB
1003 B 29ms
26ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achang-related-posts/style.min.css?ver=1701768824

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b7b2cd4e4afdf98967a110be76afaa99702848dcbbe325221edbb1e37fc31c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:33:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi7nUnSfFICXGS62cKzZHjH3obEZSN7%2BWS95MzJ4S7JQkYv65PvnN%2F4zJdPgS7%2BR6F5lrld4wXOXfmz2kNCQxovup80TcbBhSrYO4mo2zt5dMb%2FCkQXBXOridCzNeUhEZetI%2BdhV06SZrRgj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce86d367a-FRA
expires: Tue, 12 Dec 2023 09:34:25 GMT

GET
H2 200 screen.min.css
enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/css/ 6 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.60

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0806ff4935144c0e146860185404e24577e79c60a063bc5b33b493fb14c2d941

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMgfZwm5dIWvkjNtdZvD9Oh8A4zqwux6msfCZUxHQ0p5zCAfAvfRny1UgTdUHhtDeBzSxNQ15wiRnNIA%2FQ%2FpBXNpaoJ2zJrULd8ncJ6R0zrtLSaefXhkv5S4FvMy1Fo57g4WWNCFkxNH5ugz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055ce86f367a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
BLOB 200
OK 03e3b3c4-b20e-4ceb-80da-91bf1836109e
https://enlifesun.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://enlifesun.com/03e3b3c4-b20e-4ceb-80da-91bf1836109e
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 style.css
enlifesun.com/wp-content/themes/zblack/ 58 KB
12 KB 41ms
36ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/style.css?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34c1afe2c5394e2277fb08bed2f3366798e72b3fe7eeffbbdb2c8baab3c434d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 765
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Sep 2021 08:24:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEYaDFYfVtiKF2orjL1yrZEaxWntxCpZYyuZsmiEhzjmKYVqki1Q6H2VLV%2F8%2BOCl1QnjHcVVolyK6sKXzECgM26eZn5FFZoLleOu2Rbff6JArxmSxkeCa%2B%2FzOcU79%2BdXX7DbXwQ%2BsueEW9%2BE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf878367a-FRA
expires: Tue, 12 Dec 2023 22:21:27 GMT

GET
H2 200 jquery.bxslider.css
enlifesun.com/wp-content/themes/zblack/css/ 3 KB
1 KB 40ms
35ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/css/jquery.bxslider.css?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d53a26054d308844b2ccab2858a548c6f712c6fab0098212562584ee2aa59f67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83313
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot%2FSbqbgaw3Jj2o%2F3a03pnVx6LYkmbQ8xprI6gajY1bh5eUTO02r4b8F8lq6QzO0QrTF3Nbv8LNHdjh9dWCMsIssr0SkTxFhmv0nbjWUunI2FrWq1NXZmKjmGXk2dtHnuHDuqlFnKhBEfHY6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf879367a-FRA
expires: Thu, 07 Dec 2023 03:03:44 GMT

GET
H2 200 font-awesome.min.css
enlifesun.com/wp-content/themes/zblack/css/ 30 KB
7 KB 43ms
38ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/css/font-awesome.min.css?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOVM9pD9o8Vws5xGT28ZmoSD0L3MXIK0WuEvsdDwku5gwqItWj2NxWmTLI9vb0736MhUsCyBdLsOmc6PdKSf4%2BU0JGr8e16y0RpnV8h4OHLepOY%2FwKYyAkA9xWPy2mV5kvmU9miJY4rY9E4n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf87b367a-FRA
expires: Thu, 07 Dec 2023 03:02:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 717 B
779 B 68ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 06:19:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
653 B 68ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 05:48:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 custom.css
enlifesun.com/wp-content/plugins/pixnet/resource/css/ 537 B
538 B 35ms
30ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/pixnet/resource/css/custom.css?ver=2.9.9

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9ea07c52cc4b6289dc701074bc0070edc9b051827d0f6bd6ef6a994e44b96c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97920
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 02:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbjuarJAXOhSElHBOvAfetfXQgB8yoSUfGJ%2FlaUMytd0K7wBxRxStA01ocZZAxmYL6VtkWAvr0JKAuBTL2FQQIQcP6M0hs154SHPFIuTSLGwyHrmKUN6oSxmJwgvpSeLcIKY78OxIVU8db4p"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf87c367a-FRA
expires: Mon, 11 Dec 2023 05:11:54 GMT

GET
H2 200 sassy-social-share-public.css
enlifesun.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
3 KB 34ms
30ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.56

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsOYO%2B84DJTmcDgeLuhcrM95qrTXIJ2kpDiZWbTV9Vjx81Wssmz1p9orI3GpGCKNnJtArTINQGY1vosPHH2SOXvs7Yhes4D8G7L1uiRH9qrPWgEmV0hSFn%2Fj0JzFMFjXzboQycBkGmpZRbaZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf87e367a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H2 200 stylesheet.css
enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/ 241 B
421 B 44ms
40ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/stylesheet.css?ver=2.6.8

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c457b99ad67bf48974273ce18b6f53792e27067ee50aeeebf0dcf71259b634fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217127
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Jun 2023 09:48:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED3ov5PwotDz1xwEzhp6qKS5oBoUP0VT9bn18xzK74X%2BZsPVi272dSpc8KGM1vbVI8zgMwIvZ8OtJFM9ZOhltn62AAXSf3aUqKSx%2Fm5NKl2pMgpJAsjGa2TwAZNWdvzjGnUOp6HYxwWqeT1M"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf881367a-FRA
expires: Wed, 06 Dec 2023 00:43:03 GMT

GET
H2 200 stylesheet.min.css
enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/minify/ 213 B
415 B 35ms
31ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/minify/stylesheet.min.css?ver=2.8.3

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4719cac318d12a868f2c976a774f25bfeccd110ab03455b7c195c2f579cfc50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395031
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Mar 2023 06:18:02 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKYGRSOF%2FN89UTYnpP%2FQzcWhboFH5FprkqcweefpfzD3dpabMTrbwW0zP4CAKmXpFn3Pt86lfoOWL6eoTykHvvqhmY%2FRPKbBZokFGFsP5k5MFmjt4iiSgZTimjemwXCkMYpnLyZfErp2iyK7"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf882367a-FRA
expires: Sun, 03 Dec 2023 23:31:10 GMT

GET
H2 200 style.css
enlifesun.com/wp-content/themes/zblack/ 58 KB
12 KB 44ms
40ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/style.css?ver=1.3.2

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34c1afe2c5394e2277fb08bed2f3366798e72b3fe7eeffbbdb2c8baab3c434d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41184
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 11 Sep 2021 08:24:42 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYltCiR2XwLKUPE94yST3umn%2F%2BUPc%2FjPpcDwc0nd1OksCM2fKRpEkTUvqGVhnizD6uYsDzo7RkKch5qXCbM%2FDrmRCFS8FURwUop%2Ba5EKEBnbW66UQMl264vF4I4wZX0OMk5s58TxVsoaTcV2"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf883367a-FRA
expires: Tue, 12 Dec 2023 22:25:04 GMT

GET
H2 200 achang-theme-child.css
enlifesun.com/wp-content/themes/zblack-child/assets/ 2 KB
1 KB 41ms
37ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack-child/assets/achang-theme-child.css?ver=1.4

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c519dfbf4321194895e441929f4ca29b539dad3251eb37946ba27eb5c16217

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 01:41:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X674HPxzdIxsb218KGLf%2F7Qntz60sCFgJATP6Igk%2FpbMxlodMQqIc1ny8z8nQiio0CNjXD9lXXlXGQBOkFvCFy%2FwxDhFkwYcNxY0sxQWfUdfhmg03eKYJmQNwQdbQsFq5sCjpEsulW%2FRvonC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf884367a-FRA
expires: Wed, 06 Dec 2023 03:04:24 GMT

GET
H2 200 jetpack.css
enlifesun.com/wp-content/plugins/jetpack/css/ 98 KB
19 KB 48ms
44ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.8.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLg%2FaZ9ivaQxO4JYYICeArOUHFFNv7OxFgqNaXsdgqGA9Bb%2FAfeF1OH4idCWKmz53gRA5oAzO9nyENYuwU%2FwHJG%2BDbOWQfoStEh1hiZWhLdU65sDFHau1658S9sCUa1APU3BWUh%2FLrFQurG%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf885367a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H2 200 wp-dtree.min.css
enlifesun.com/wp-content/plugins/wp-dtree-30/ 443 B
515 B 39ms
36ms Stylesheet
text/css 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/wp-dtree.min.css?ver=4.4.5

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162903
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 17 Oct 2010 20:48:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkchUkw%2FK9VRK%2BpAY%2BjwtbpNyIGR1zDSwO4%2BVC12iBgrD8MxgFV2nLFfZ9zWP%2BWcxXzVxJX2wDOz53ABYZe0FMg0P18cR5JyVbc2Jc%2BvAsyqdg4i%2FyT39%2Bb7tKwSQsx5JbAjT%2BpIai5aHV2l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf886367a-FRA
expires: Thu, 07 Dec 2023 20:27:27 GMT

GET
H2 200 related-posts.min.js Show response
enlifesun.com/wp-content/plugins/jetpack/_inc/build/related-posts/ 6 KB
2 KB 41ms
38ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529017
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 21 Aug 2023 20:42:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xtwJf3s2pWQ31mGa0pzyaPh7qhCu%2BSEviSpTluVcYQOIxspBl41GWSawLMI3OsX%2Bbf6orOT4NpbwsrKbfvywS9dWZM8emJ6orqVYWiwYDOva%2ByhRfrr3Bsv8Mg1G2qSe99mEEmgQLyh8sWJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf888367a-FRA
expires: Mon, 04 Dec 2023 05:11:19 GMT

GET
H2 200 jquery.min.js Show response
enlifesun.com/wp-includes/js/jquery/ 86 KB
31 KB 48ms
45ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424156
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:58:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMFhJoDP3XWAqtnpr1HdUNc2UysnuSuYTmTchYLj2UTxo9twLPYty%2F8OOU0VwZnKZSO1Gvvs4nNSllt8HQGl1oQE0Ll8fvAgjLqrqo6joqtpE9Y11UmHW0eb%2BvEiwlsLd%2BQUxZtrmBbyuNOw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf889367a-FRA
expires: Thu, 07 Dec 2023 21:03:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
enlifesun.com/wp-includes/js/jquery/ 13 KB
5 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525732
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 09 Aug 2023 02:58:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flzqSnbrVcVYdMkkbCj5J%2B%2FmXyabQvzAXZaj%2FHWDrRBvAgVeTJEC07wcp%2FZZ99KY%2BJHqT5BwCjGED3Ka6vb167NlCbkRlVpmDN3KHgCWkYkJIwmkKHFqBRFQ2u4HrFp%2FGtJWNhXVLyEq7%2B%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf88c367a-FRA
expires: Thu, 07 Dec 2023 21:05:53 GMT

GET
H2 200 stickers.js Show response
enlifesun.com/wp-content/plugins/pixnet/resource/js/ 2 KB
945 B 42ms
39ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/pixnet/resource/js/stickers.js?ver=2.9.9

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e926068827db5ad37f115bfe2c506674fbbb7551ab1834a9482bfb65d17f913

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183814
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 31 Mar 2023 02:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGJLEPtyV%2BxggKhsbujisonAWzSwQrqpzibDPEswDOz2ajj9DLmlz%2BLB%2BWFqyJGK%2Fdib%2FvRdbtC6BtN8fOVXLaMXhfxDiQLoIyfFzr7KydJpKaKmm%2B6J6H8QmTbFAx5czKcQPbj0HVJzl8Qf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf88d367a-FRA
expires: Mon, 11 Dec 2023 05:11:54 GMT

GET
H2 200 init.min.js Show response
enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/minify/ 714 B
673 B 43ms
41ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/minify/init.min.js?ver=2.8.3

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60cca572452b2ccf5fcd1c294a590b0ff412b9605a86732b9345e98f0fa49055

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183814
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Mar 2023 06:18:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FymtaV18BMCzJNWTofwg5kVukfg%2FxLYJs1JPCGGOUuMGqJmDjJ8ljzgNN3kC%2FXH4mzb0gBkENhkd%2FR9JjMyon9HOnUBfAh4kP%2BDvGLL%2B04JaI8RiY61C9%2BshYYk3mbZjW1fy7LECll7hoxC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf88f367a-FRA
expires: Wed, 06 Dec 2023 18:23:36 GMT

GET
H2 200 wp-dtree.min.js Show response
enlifesun.com/wp-content/plugins/wp-dtree-30/ 9 KB
3 KB 47ms
45ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/wp-dtree.min.js?ver=4.4.5

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9988
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 Mar 2019 11:30:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET7%2BTvd1Mr8qUg8%2Fi40eZ7UDeiaYj0BD%2Bmo7SmDL7zTsO0Wm9QlY%2FCwV4cyhIgVvwm%2Bk32p4DFG5c%2Fo56sib2QihhiiuJChlP6Aj59N%2BZC3CNe%2F5YNAyw%2Be3wUcRS%2FD0G2KErXvQ9F3DR01J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055cf890367a-FRA
expires: Fri, 08 Dec 2023 01:23:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 80ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9767966869087000

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59c781337e828bc38c20c4ed8ec4f051dea3232c4a3ca331f89be8dd61637d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51942
x-xss-protection: 0
server: cafe
etag: 17436028867548138314
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 81ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8969488696235010

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae982bd9c48b617d80117933646ac69210c8ded6dcdb02e495f1933fe1e8064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52152
x-xss-protection: 0
server: cafe
etag: 14913565019261825052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H3 200 e878aab466ce3515ecada0b7083a3a5b.jpg
enlifesun.com/wp-content/uploads/pixnet/ 1 MB
1 MB 1260ms
1259ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/e878aab466ce3515ecada0b7083a3a5b.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df3b6a5028af349fcbe57be434c004f6dbd09d4bc7a69aa94f4d8302e9445d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1363418
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dge4lBhY46OydhsVRttwMOIMmh7JnOAZx7QqN60iYtPfXsBqOJ7oQPoTv%2F6viWARik7oHVgwtQhNQJ%2FV5rBTcz9bctv6Ul9Iy5%2BwcjTPgkH5PbKufCZjc08onfcpR3paguNbGSXeyyDUumaG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055d4eba3a8a-FRA
expires: Sat, 09 Dec 2023 18:33:32 GMT

GET
H3 200 20230307223635_29.jpg
enlifesun.com/wp-content/uploads/2023/03/ 79 KB
79 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/2023/03/20230307223635_29.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f004473c795fa281f1016c7aa39c85e969d6d2d35e3a551f073d4e0d0328de5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490031
alt-svc: h3=":443"; ma=86400
content-length: 80719
last-modified: Tue, 07 Mar 2023 14:36:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0JQ9U4DLI4R0uo1u6emBBEq2UoFSJBD2voi2rtIyTEz5CffHqu5Qfu4FTO7QXPcA3lPgdtP2gr1WniCCovQCfujLl7EDwXxIoLp8A7dE8lMFb2V8pTaQMlNzg%2FLEhTnMCCdvT1Vc%2BdDGI%2B%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055d4eb83a8a-FRA
expires: Tue, 05 Dec 2023 22:24:00 GMT

GET
H3 200 1b6f76da94bc9396f1631bb2fb3678b5.jpg
enlifesun.com/wp-content/uploads/pixnet/ 790 KB
791 KB 512ms
512ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/1b6f76da94bc9396f1631bb2fb3678b5.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f175c04bd69a087fa8ffc4cefc0b10a2c898d37a70c7917d1ee4c299d6514e89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 808882
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljqj5s6%2B9iVlwG7WnRIqp4bbPAskIGPDLWIY6Qs2v7wpOeDIHg%2F%2BwYsjQGcFWmIW%2BUBEACKodxU7WYug65ivmmT%2F1MHwcGwkHh3%2F8A%2FYWG1hGkka2PHpNtkNI5jaN41N1pfKg2J167isold9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055d4ebb3a8a-FRA
expires: Thu, 14 Dec 2023 07:18:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
68 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WVSBJDC

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e116c9279837d501d7a34a4f732de4faf3d3dceaa47a3f1dab12645b10f03b62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69341
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 pi.min.js Show response
s.pixanalytics.com/js/ 6 KB
7 KB 56ms
7ms Script
application/javascript 143.204.98.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pixanalytics.com/js/pi.min.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-99.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a524efded21c9eecc5ab07d7b3aad79be17bed5883e453f5e92f0bf04a35cfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 01:12:05 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 10995058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
content-length: 6213
last-modified: Mon, 12 Jun 2023 02:44:23 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:b9bf8eb2871ce7ac84a476dfc4fe2e18
etag: "b9bf8eb2871ce7ac84a476dfc4fe2e18"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xr5jbLIXkaxr5TVH7cfcPd-HXj0jrG-AZr3pBRboVYxFhT_L5tS7wA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 39ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700&ver=6.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options: nosniff
age: 42611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&ver=6.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options: nosniff
age: 42611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H3 200 fontawesome-webfont.woff2
enlifesun.com/wp-content/themes/zblack/fonts/ 75 KB
76 KB 22ms
22ms Font
font/woff2 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/wp-content/themes/zblack/css/font-awesome.min.css?ver=6.4.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://enlifesun.com/wp-content/themes/zblack/css/font-awesome.min.css?ver=6.4.1
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247997
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cr2XQnCD9WbOKKJUugMSwbmx2LpaKB34A70ccfGbar0diH%2FBwvXQPbIB4YT7IPCNtekDa659NDxDT80WosLHF9%2B13TEK94YuRmjO4pkCWm907WvyNLXypoAg0djkQ8Mi0zx9xjFJ%2BORkkkrM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055d8ef03a8a-FRA
expires: Wed, 06 Dec 2023 07:18:05 GMT

GET
H/1.1 200
OK pi.gif
pixanalytics.pixnet.net/ 35 B
560 B 1612ms
284ms Image
image/gif 103.23.108.124
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixanalytics.pixnet.net/pi.gif?t=pv&r=0.6399477445266373&pvid=3ef1a494-083e-49bc-9d2b-126ca88f1271&document.referrer=&document.URL=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&screen.availHeight=1200&screen.availLeft=0&screen.availTop=0&screen.availWidth=1600&screen.colorDepth=24&screen.height=1200&screen.pixelDepth=24&screen.width=1600&window.closed=false&window.height=undefined&window.innerHeight=1200&window.innerWidth=1600&window.length=0&window.location=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&window.pageXOffset=0&window.pageYOffset=0&window.outerHeight=1200&window.outerWidth=1600&window.screenX=0&window.screenY=0&window.width=undefined&navigator.userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&window.devicePixelRatio=1&venue=1f-6409a896be483&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&opt_out=
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.124 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-124.static.pixnet.tw
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:04 GMT
Last-Modified: Tue, 07 Aug 2018 02:47:20 GMT
Server: nginx
ETag: "5b690838-23"
Content-Type: image/gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NNMETTF2YB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVSBJDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbdb5aefaca787b23bc13bd195046bc6bbdc920deadfbda921d931b1a617d738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVSBJDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a017bfbd4225a919714a49895e5099c4ac535eacd94e51ce36d96bcb51e8627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVSBJDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6073
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H3 200 076719be27dec8c75e13354de0dea044.jpg
enlifesun.com/wp-content/uploads/pixnet/ 975 B
1 KB 934ms
933ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/076719be27dec8c75e13354de0dea044.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1b3367a72a79b699979a7a1e8443e5862b68295fcd47b26f9cbf8381c9885b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Wed, 01 Mar 2023 01:57:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOk5LgjFnJAvzIAineMQvTCaZ6NkqE%2FULPRwuqCWeVMb7ECYLY59EcGuMQoIlrROtDsKcvsCf5v1ZhgyYKE9XVVwUUe3Rg0ZFXHYEe8vKt77%2FSq3r5mXjs8ttL5PkjqdTxwxrqy31YR5nfur"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055e1f883a8a-FRA
expires: Thu, 14 Dec 2023 00:34:43 GMT

GET
H3 200 8d09eab47284aa4aa8581f79537bcd99.jpg
enlifesun.com/wp-content/uploads/pixnet/ 143 KB
143 KB 427ms
427ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/8d09eab47284aa4aa8581f79537bcd99.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fd5d835acdfcdb081d0dc2428e31387b393e881dd6163c4229c01fe36cec3c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 145955
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utCDoOUKZbFO2%2F7F0NkKolou7jJCm5UKyicCE28Yo1y3LeOPsFWKwNPMjGFxWPyBz7o%2BP73s7NQBoQ0yIhOOPYUECmT%2BNCfX0jDRfMlSKeMXrsKGs0lPiZX7A4YXMWbaE08toh3GgGWt2eAL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055e1f8a3a8a-FRA
expires: Thu, 14 Dec 2023 07:18:38 GMT

GET
H2 200 sherpa_init1_08.min.js Show response
cdn0.agoda.net/images/sherpa/js/ 11 KB
3 KB 50ms
9ms Script
application/javascript 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
last-modified: Thu, 07 Sep 2023 15:38:41 GMT
server: Akamai Resource Optimizer
x-dc: ASH
etag: W/"5dada82a80c2d31:0"
x-cache-status: MISS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1691899
timing-allow-origin: *
content-length: 2896
expires: Tue, 26 Dec 2023 21:21:21 GMT

GET
H3 200 78a6cc9824abe61a5958f0cdbc16bfb6.jpg
enlifesun.com/wp-content/uploads/pixnet/ 739 KB
740 KB 522ms
521ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/78a6cc9824abe61a5958f0cdbc16bfb6.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468bb82a87beb5e14b72b3cd0d554195fdc26223850940f17b202b4c70662e0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 757004
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BIWMWaq8tx0PU%2Fh0RQbeC9Qw50No%2B%2FN0zy1Lg9PQpxgC63cFWaiM4GElVs8FfHUlZz0IMAoiMx6rA7ihFOMoCmILOfIuVhHb5ZX61hXBwHj3yniWyAb0d3ofvFPYRJACYmW9BIQ03pWFnLB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055e2f973a8a-FRA
expires: Thu, 14 Dec 2023 07:18:40 GMT

GET
H3 200 1cb0794d51b7ada8869853a77557df59.jpg
enlifesun.com/wp-content/uploads/pixnet/ 727 KB
728 KB 1229ms
1228ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/1cb0794d51b7ada8869853a77557df59.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f8d6fcf72b14427c4ff8cecac9a2c182f9911b65003f3e7e3bbd1bd6bc49884

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 744813
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2sNdOtuVLdq%2FGW4O5rtcB%2FV3nBfcrA72xQar2U8ofcIGARKXjBNSAnOklMaPNBQDsm2gg%2FCDr8KneGha6CvPJOr9VL1I%2F9YzVKxte8KISU55GWCM2%2F%2BVUyk0PJeMbNxhth3Hyb6SzJN5%2F4o"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055e2f993a8a-FRA
expires: Thu, 14 Dec 2023 07:18:41 GMT

GET
H3 200 ceaee6bc14a924f1be6ed99069eb7c1d.jpg
enlifesun.com/wp-content/uploads/pixnet/ 550 KB
550 KB 1246ms
1245ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/ceaee6bc14a924f1be6ed99069eb7c1d.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce63cc5b6e0e4eecc0f6a3247660060f2783d900941726559850c412038aced1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 563064
last-modified: Wed, 01 Mar 2023 01:58:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASeGDuqf02sCMqwOuQOQPYc9bylK%2Fzwiew%2B3sDsgWBUUU6QXSWecLVGIlO%2FeUS3sctL4slTOKTlVRhxriswwV7SEvzF7WxfoOEVEU0smOuobYZhp7SbG%2BHYybFmUIkj8ffgNoAMBfoe27FXS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055e2f9a3a8a-FRA
expires: Thu, 14 Dec 2023 07:18:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
134 KB 96ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9767966869087000&plah=enlifesun.com&bust=31079954

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9767966869087000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d425751922d00fdea08b7f5c2cc28d2bebe2ae072afe0eeb9de2afff112077c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137572
x-xss-protection: 0
server: cafe
etag: 5249041220481217612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/ Frame 4E5A 9 KB
4 KB 29ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9767966869087000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 16:58:41 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 16:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3daff4675a7ab9b5762d9fcce3dc75cd.jpg
enlifesun.com/wp-content/uploads/pixnet/ 85 KB
85 KB 576ms
575ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/3daff4675a7ab9b5762d9fcce3dc75cd.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c267b5a7e6f6646a9cd4847ae3b6f26cffb21490cf5901bde7a5e5639425b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 86821
last-modified: Wed, 01 Mar 2023 01:57:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B163f840dq3xypF87ONaO5MPxx%2FI%2BATANA%2F45jngNi2ml5AGyNMIkPDsg0Q5SlLixnoxhfShB5KI8ujyxU0oeRcYGIJDd300E1syZCbQtO5b4%2BVBx6uk6YMdcWjC3%2FgXX%2BzcmOeC2y7HHNW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055ea81a3a8a-FRA
expires: Sat, 09 Dec 2023 23:29:39 GMT

GET
H3 200 4204c420583f4d56c61a4f2fdea0b3f7.jpg
enlifesun.com/wp-content/uploads/pixnet/ 48 KB
48 KB 1313ms
1312ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/4204c420583f4d56c61a4f2fdea0b3f7.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e627a649d3c874c51258aba7bb4196c73a44873bfff2ec867f37fe919b4cf96b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 48778
last-modified: Wed, 01 Mar 2023 01:57:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VY0LdUI9VqZ8IVeKqiyKHFJec5O3Cm8vKfXOi%2FtxctWjJAyGKFCp5W5AtEe5N7MCFPhNMLppLUixU%2F6PO9ulNLSUzVlhQRPfB1HgGAk%2B7cb9hs6el0uqyvHak6yRwLvE5HtOgyUQ49A6sNF2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055ea81b3a8a-FRA
expires: Tue, 12 Dec 2023 08:39:47 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e7361b418f85903ab43d497abce93d48796fce4f6fe74159c476de5d018aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 9209668837814890285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 14ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=791223721&t=pageview&_s=1&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ul=en-us&de=UTF-8&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1134146685&gjid=1902730299&cid=655708928.1701933783&tid=UA-61681034-1&_gid=1555568801.1701933783&_r=1&_slc=1&gtm=45He3bt0n81WVSBJDCv9103803636&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1868571290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 14ms
14ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=791223721&t=pageview&_s=1&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ul=en-us&de=UTF-8&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=783451825&gjid=660749961&cid=655708928.1701933783&tid=UA-106748821-1&_gid=1555568801.1701933783&_r=1&_slc=1&gtm=45He3bt0n81WVSBJDCv9103803636&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=75025781

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 63ms
23ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-106748821-1&cid=655708928.1701933783&jid=783451825&gjid=660749961&_gid=1555568801.1701933783&_u=YEDAAEABAAAAACAAI~&z=1538537380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 07 Dec 2023 07:23:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 46ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NNMETTF2YB&gtm=45je3bt0v9103063672z89103803636&_p=1701933782616&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=655708928.1701933783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701933782&sct=1&seg=0&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&en=page_view&_fv=1&_ss=1&tfd=768
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNMETTF2YB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 27ms
23ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NNMETTF2YB&cid=655708928.1701933783&gtm=45je3bt0v9103063672z89103803636&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNMETTF2YB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NNMETTF2YB&cid=655708928.1701933783&gtm=45je3bt0v9103063672z89103803636&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=940502504

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 21ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-34D08J2LV5&gtm=45je3bt0v890810521z89103803636&_p=1701933782616&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=655708928.1701933783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701933782&sct=1&seg=0&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&en=page_view&_fv=1&_ss=1&tfd=794
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 21ms
19ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-34D08J2LV5&cid=655708928.1701933783&gtm=45je3bt0v890810521z89103803636&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 50ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-34D08J2LV5&cid=655708928.1701933783&gtm=45je3bt0v890810521z89103803636&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1420354490

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32493fca442ca7da5075117f275810f333f8120d1e8a42f7b9f8a5b7c66baeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51894
x-xss-protection: 0
server: cafe
etag: 2035183099215821507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:02 GMT

GET
H2 200 / Show response
cell1.adbottw.net/dy/native/ 15 KB
3 KB 509ms
474ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a810b029cb441118530b764ea34a4d4b8e22f3b86fbe998875568d8bc780b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=halypz%2FMnDoo52SXHaFWL%2FHD2CkihYdYOFvrXttG%2FD%2B539RG0QOZ97AQs9SZXo4W%2FhtAhcbcpDFPHlEJMCbJRERYb5ZS9aK4zeeGsuojmErmV0A5jQIyf89LVRtx6yla1h7bBmfP%2FjPGCvx9VvlrGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 831b055fca96bbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
cell1.adbottw.net/dy/native/ 10 KB
3 KB 504ms
470ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec2
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3049455a388ab479d060097a4fb0451ba8ea8c9eeb230174bc42c67d86b8c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHjuhLlzWQpHv8bytA0j5k1O4WnUjWRMeHjXKQscrqTC%2F8JBp3U1valLLa%2Bgwt0xfKCUY2SA4lXbO5h859R3XOsPOW4mnEqhvb%2BxsB1D3snax6Lfva1%2BkA1hRIpv6BuJsNRqnIKKQgOiVeNCpVSzuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 831b055fca9bbbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 f7eb3fbffcacb45b81ece595fa17b122.jpg
enlifesun.com/wp-content/uploads/pixnet/ 1 MB
1 MB 1252ms
1249ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/f7eb3fbffcacb45b81ece595fa17b122.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1959d23b1691a3d3c9cb6b3b21c7f04a9f3fc97e7560ccbbd55c593590aae059

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1184798
last-modified: Wed, 01 Mar 2023 01:57:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxy1kcpUnmhLqQWxhHmhrd8Y9LUjdyj2GUGOaQ5n7u6IxdDECCqY2ZnLHPOY8TsFIWL1AYaf8ebTB0fl2%2FspDRnhZ81KvfLQLoy5bqKTAm3s4sd6QlDiIm53aSgPBqaC9zCszyakRArsuxFt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98f43a8a-FRA
expires: Sat, 09 Dec 2023 14:36:39 GMT

GET
H3 200 cd2e59e03933d3be6a90e95150233ba9.jpg
enlifesun.com/wp-content/uploads/pixnet/ 1 MB
1 MB 1396ms
1393ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/pixnet/cd2e59e03933d3be6a90e95150233ba9.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98725b9da9d784cb352909dfdc456a5c6963599c5cce735387852a3b20e9ffd7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1294144
last-modified: Wed, 01 Mar 2023 01:57:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xxAQykT9Z8Z8wBWNxYxGOfAqPaJT8XeistaKxv3sAziQwh%2BFfqnEzQ9Nov%2BhTJuLKaPwqCOhIDfWs4p8bSMOYLe%2BMCZLuj%2BI8ylzyZknicTJm5pFsAJVcizRjZCdZraU5rAXSYOaD0QAzFT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98f53a8a-FRA
expires: Wed, 13 Dec 2023 04:15:39 GMT

GET
H3 200 20230306221518_75.jpg
enlifesun.com/wp-content/uploads/2023/03/ 847 KB
848 KB 23ms
20ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/2023/03/20230306221518_75.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724c6c9ce76797d6f7206cdc83574d4537a1aad4eca712206a8ea60c14880265

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490032
alt-svc: h3=":443"; ma=86400
content-length: 867746
last-modified: Mon, 06 Mar 2023 14:15:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAKCkZGNXmXm7zwTN17YQabKHPrnsf01%2FCE1EoSZAw%2FinfBJ0WgSsQ5LbV7%2FQEOKX5ztLXx8Y%2BaII7t0yRSECVo0X1rLr7F%2B4neicmqtf6%2BtHIPH%2BZELR33v3k2A%2Bf52ic%2FhtgswhncBIfir"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98f73a8a-FRA
expires: Wed, 06 Dec 2023 21:01:21 GMT

GET
H3 200 20230313104751_93.jpg
enlifesun.com/wp-content/uploads/2023/03/ 173 KB
174 KB 1254ms
1251ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/2023/03/20230313104751_93.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229c16cabeca272eb5bf3a7fa145ff0d02872d833062f48040d390e8684f8dbd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 177281
last-modified: Mon, 13 Mar 2023 02:47:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39PA9gGNilL%2FIvEdenYDqfkDZ3bc5vPTcJgyNT9dvs5O5nacHgb3dGlvPq4MwHhJIjlJ0yEaRZ1XCrtn7d7rrBWyLhwq%2F%2FqgV4StIDcBncTJa59z%2B%2Bs8R7NzAxqCShjTK%2BNpkzAZ%2FG00Ilkq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98fa3a8a-FRA
expires: Tue, 12 Dec 2023 23:36:46 GMT

GET
H3 200 enjoylifesun.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 2 KB
3 KB 75ms
72ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/enjoylifesun.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2df9c8930ded5d0b7231ce94ed284104455b3f56e4ad2851b53675f83d59fe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490031
alt-svc: h3=":443"; ma=86400
content-length: 2122
last-modified: Sat, 25 Nov 2023 17:00:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPHUy%2FqXcmEb7cTTFdwnZn2T%2FkOaevkNuB%2FFJPyyvpIyi0gXc1b2F8slE5RYYFXLQPwrduLQq2EHDodg6XB5ysj13XM2AOnIGyWwc%2F7kmpHb7UWz480sH1Hedg7Qq6tvDFKWUfTS6HTijF7j"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98fb3a8a-FRA
expires: Sun, 03 Dec 2023 02:05:31 GMT

GET
H3 200 placeholder.png
enlifesun.com/wp-content/plugins/instagram-feed/img/ 176 B
693 B 75ms
73ms Image
image/png 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16138
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Mon, 21 Aug 2023 20:42:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3N%2FGwSku49EKvtbIaHYwCPsezeuTUKr9tgvSNaSrmfhcT1DzMicewHFR04ExZd2xIIAt1e52hWCI4KQXif9sIf9dnxO%2BgO2yAHDdhjMLZBymnFlSkCw1N7Ur34XDE34%2FtreX0POvoyq8qFa"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98fc3a8a-FRA
expires: Thu, 07 Dec 2023 04:04:24 GMT

GET
H3 200 ic_loading.gif
enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/ 4 KB
4 KB 75ms
73ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/ic_loading.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5646faed05c8c21cfeb1a495faafdc0a94747149eaf7ca77ea28c3a989149e20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216557
alt-svc: h3=":443"; ma=86400
content-length: 3808
last-modified: Tue, 07 Mar 2023 06:18:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBW%2Bszze0mjXy%2Be4Lq%2BvB26%2BLObqf1fA9A26dGX27f0L%2BeZrsbUeTGZpLytDh3o5lzNSRa%2BwZCixQV%2FVF%2BwZfDZvmJeltyaHK8aSGvIYtUuM%2F2Bib%2BFnliD3%2B1XeOXXwret0TvjKAQdelr35"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98fd3a8a-FRA
expires: Wed, 06 Dec 2023 01:08:31 GMT

GET
H3 200 ic_loading.gif
enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/ 4 KB
4 KB 75ms
73ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/ic_loading.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5646faed05c8c21cfeb1a495faafdc0a94747149eaf7ca77ea28c3a989149e20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490031
alt-svc: h3=":443"; ma=86400
content-length: 3808
last-modified: Wed, 21 Jun 2023 09:48:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FRS0q9rKibI25fuDcyl1hXtE4%2FPoan46CzmIMxxDgjH4dRRxJ%2B2zIIKIaXn3WpZ9c1hpzhS3XrnBdeQhAdYnV1fkxUkd4lyP4GxDiJnGm%2FjpKl3kYrBWauIUdh27HnPH0ztl%2BSnjLRjlnLy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f98ff3a8a-FRA
expires: Tue, 05 Dec 2023 20:34:04 GMT

GET
H3 200 league_mobile.jpg
enlifesun.com/wp-content/plugins/pixnet/resource/img/ 78 KB
79 KB 1373ms
1371ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/pixnet/resource/img/league_mobile.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40fdbf98de996fbdda66bcf3f22b202e2c636b74a434ff87645648cfd543ed4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 79862
last-modified: Fri, 31 Mar 2023 02:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5D0enmH1NPOK1cSJfxB8ctGxtANetU4m0m4Vf1hWanmX9D1VGR7KBp%2FUF4HxyATvdGJq%2Feyl927fC%2FD3gsZFv17c6dBf%2BOGRnSW4Hc0gLgR7JgH1cooUZWQQkok54OMFDYM73APkUFsQbkxN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f99003a8a-FRA
expires: Fri, 08 Dec 2023 22:13:56 GMT

GET
H3 200 ranking_mobile.jpg
enlifesun.com/wp-content/plugins/pixnet/resource/img/ 62 KB
63 KB 75ms
73ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/pixnet/resource/img/ranking_mobile.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52fff91e2b7cf925a65719b1a4d125cf7c330c45503010985c9b241a186878cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490032
alt-svc: h3=":443"; ma=86400
content-length: 63797
last-modified: Fri, 31 Mar 2023 02:05:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BwX2QMPzN7SugBLt4eJn%2BR1WI2IZEn%2BpahIIhCfo0FMkUfOggO9tbWcgIOctIsZn9kIq6Ha4wd87yspnDPRhgfav8YyGffmW%2BvuL3Av6tkU1rDZ7g7JCXobBPIudsDSBhSK721XF1oIvrmq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055f99023a8a-FRA
expires: Thu, 07 Dec 2023 19:53:31 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 47ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106748821-1&cid=655708928.1701933783&jid=783451825&_u=YEDAAEABAAAAACAAI~&z=267329510

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-106748821-1&cid=655708928.1701933783&jid=783451825&_u=YEDAAEABAAAAACAAI~&z=267329510

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 90 KB
24 KB 110ms
7ms Script
application/javascript 92.123.150.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.150.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-201.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b2ca46b6073b677d881fe6448bfcb6656892880a4e46c8ffa77f157b417272f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: .rPjzOxyqngsiUb888D4poz2rt4pWYgo
content-encoding: br
date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Thu, 23 Nov 2023 07:46:40 GMT
server: nginx
x-amz-request-id: Z8G9KKCDCZHDJ5KM
etag: W/"a89a58fc509b1131f86b0c4e62bfff57"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=13527
content-length: 24164
x-amz-id-2: mKuvxfGVSAOF34yGAsTOwAH4eicc45C1zzPfCgUGnDtlhf5uGXLX0x2AashcEY0EGsQOqowjQAA=

GET
H3 200 20230419115536_48.png
enlifesun.com/wp-content/uploads/2023/04/ 1 KB
2 KB 65ms
64ms Image
image/png 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/2023/04/20230419115536_48.png

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc4ec893f0f5d11864cb4ee01f77d17ec38fd9e8035bf6bb92b19895bcf2aeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490031
alt-svc: h3=":443"; ma=86400
content-length: 1338
last-modified: Wed, 19 Apr 2023 03:55:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16%2BGQZGZ%2FKAbC02acCY6BOViFqFaZQk%2F5IWTNtEMcvX7m8Cpl6gTKVDxOtTSruRsUB00Kp9v50rxZfkE1nsgem5qPYcH%2FABGM%2B60%2BBfbxrlXk2CE%2Bx6vb4dlH7HI%2FaUvAQ%2FLDcC5Po5fbZC0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055fa90d3a8a-FRA
expires: Sat, 02 Dec 2023 00:03:44 GMT

GET
H3 200 20230419115708_25.png
enlifesun.com/wp-content/uploads/2023/04/ 2 KB
2 KB 65ms
60ms Image
image/png 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/2023/04/20230419115708_25.png

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64e7f3a2868bb6e1fb099f5e8c26e90fbd89373be496dfa4fd280aabdd1f2b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490031
alt-svc: h3=":443"; ma=86400
content-length: 1542
last-modified: Wed, 19 Apr 2023 03:57:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG16PNuibNrz%2FhZIfmZZtgnWDlkciPCjuSjgZX1LiGmDT9lkyQvFVXMdXKs38OPWA6D8yBX8DaiY2M5pUHBOoi%2FhRRB%2FEfYzdKyJ9JTTnIqjkRaIAlN2gbVqcpk5bmUN47UOwJKu%2BJ2MFlAd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b055fb9123a8a-FRA
expires: Fri, 08 Dec 2023 01:50:30 GMT

GET
H3 200 smooth_scroll.min.js Show response
enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/js/ 907 B
925 B 65ms
60ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.60

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7acacc960de81613b8c53b856a3bed117f76802e632836053299a6ecb15fa9da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163474
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlGS5jYX2B6n6vVgkKnU87JdrpO8tYO7xrTcKq1V2l6CqeX3NKmEeQQEiy1n20PZ4NX6VQOW2FP66w18Vyl6lSLaiTIci0AfRM6EBHYeXsoAZLD3otyY5%2BEQxtwgQXwHRr5hGt9NszYcxkDm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9143a8a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H3 200 js.cookie.min.js Show response
enlifesun.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
2 KB 71ms
65ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3704
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F14cRihPSEY2zLnaJVaHp76%2BOTNP7V6qokpFYtfgytIlcOf1BkADTks%2BsXGe2FGAaq2iQ5QBgkYTyrhHvHZOjQlRXZ50nHYb044uzgI792n1853%2BPL3DUY7qKmCFZyNnBF7hKIpn8ap7RHon"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9153a8a-FRA
expires: Tue, 12 Dec 2023 22:48:06 GMT

GET
H3 200 jquery.sticky-kit.min.js Show response
enlifesun.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
2 KB 71ms
66ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6241
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 21 Aug 2023 20:42:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsBIAfj4jakLdD4JqD%2F8Jf7%2B%2F%2B3ofbigoUDng7%2FpgvBSkIE3HGdXZGnUg2fU8EtTTnmhsNk3I1CENsoN2rkTPL21HUBfEHTl50hPcw5eCSCCkpasftJe3iNfFCR5QuPDd7mMmbSsMT1hc3WV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9163a8a-FRA
expires: Fri, 08 Dec 2023 20:31:53 GMT

GET
H3 200 front.min.js Show response
enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/js/ 4 KB
2 KB 71ms
66ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.60-1701766896

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0acab731cfc401b03c95159d592d84c42769457a3780e9d64860668092bf2d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165459
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrBpdovIYfZyWZFfMjynNx6I9cqGriB4x36%2BruBfca3gkO4LPItCXSHmhwGBWDS3vuiFddsxp4GAlYJF6DKhRk1nyjhgIMRHbnFJIuHG090Ff9kU9qpSVCohvc8ix8ge8ZTTrmj0CE0YSuj%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9183a8a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H3 200 fitvids.js Show response
enlifesun.com/wp-content/themes/zblack/js/ 3 KB
2 KB 71ms
66ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/js/fitvids.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 585697
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dZ1wNpIABAGzq2PlSeAGB0RnieSF30Up7IWvSlZktLqu731PpfNi2ch3SIeXD3nvDdWLMAsdr7Cmuwxdp4BfHSFlvpxQfQgin%2FVIKn711zJ5yUoLrnG9p0pbmTlqK6k%2F1CK5w4Bs4%2Fvwisg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9193a8a-FRA
expires: Tue, 05 Dec 2023 23:58:25 GMT

GET
H3 200 jquery.slicknav.min.js Show response
enlifesun.com/wp-content/themes/zblack/js/ 6 KB
3 KB 71ms
66ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/js/jquery.slicknav.min.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111225
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nlLjjTXUaIkaNZH%2FBB05bz%2FCIW1EzcemtXGE98w6bL4d9c4xynvk5n6VcNYVG%2BXfESxpR2tV9M4MfU%2BcA957UkvpICNNayE4ZtMDf%2FlNMiM%2FbecqucF5XKXGnZsBc%2BalqYrrmq7IHqeT9TD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb91a3a8a-FRA
expires: Thu, 07 Dec 2023 23:50:53 GMT

GET
H3 200 jquery.bxslider.min.js Show response
enlifesun.com/wp-content/themes/zblack/js/ 19 KB
6 KB 71ms
67ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/js/jquery.bxslider.min.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 241925
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmUEObap2BmOO9PE55E5eCsscmsAsegb1T4IMqreLYZoO95%2FWFOlxbaPq9a1WrH3ObeMUqetmforlIz646%2B3WRMoPNCiR0vFGtO%2Bj0hlAF%2F9nUN4B2SsI9%2BCwKOw5SftK5BEFpWCDRk30A3s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb91d3a8a-FRA
expires: Wed, 06 Dec 2023 23:50:25 GMT

GET
H3 200 zblack.js Show response
enlifesun.com/wp-content/themes/zblack/js/ 1 KB
998 B 71ms
67ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/themes/zblack/js/zblack.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a0dfaac31356fb5912205adfc9acf2647ee7dcba718d09859495b53031ad20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73275
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHbfotka04bXxMorbN56TFjL0ifhDGn0%2FoQ2R0xN7gi8C2L%2FwhLx%2BT1cUk7IYSdhtEj%2BKngY%2BT6MHB95Vzqi4oE308emzXTpqBFsNUGHhvEDYtAnz0GG4O6GT6Ygu1KqqXwded6WzVunC3ON"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb91f3a8a-FRA
expires: Fri, 08 Dec 2023 01:50:30 GMT

GET
H3 200 comment-reply.min.js Show response
enlifesun.com/wp-includes/js/ 3 KB
2 KB 72ms
68ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/comment-reply.min.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165457
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWmBy9ez0nagquC6XszXpYjXs6tMTHWVVHqV2OpCpx0wMY7zT6UKf1hx1E5niHoiGBwP0pt%2FeYQCV1HzO1K3DWk2dqRmcsQKMbLx%2F67iV88ImlG%2FXb6LKrsiOYAUX8DOyW%2FCSQg5hdz1zQ6A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9203a8a-FRA
expires: Fri, 08 Dec 2023 20:45:28 GMT

GET
H3 200 frontend.min.js Show response
enlifesun.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 72ms
68ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524374
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 04:07:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDhGwz8nWEdWf5UrOx83sLV1C7biEkqSJD%2B5%2FTdnD%2BnF9qpmWaK8mN7ZVYcYTXww7TEw%2BUnEERGd2dTBraRyOS2Z43OvVq8cwDbea0Ly%2Bz8HAcwt5OF%2FGR%2B6FrAO6yol3hFkhJIVRnMU6mDk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9213a8a-FRA
expires: Fri, 08 Dec 2023 00:01:31 GMT

GET
H3 200 sassy-social-share-public.js Show response
enlifesun.com/wp-content/plugins/sassy-social-share/public/js/ 122 KB
41 KB 88ms
84ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.56

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165459
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKHlCW6i6oYo7z2FVw4NP0LOQhIeGPxyvqIOTVNA3xJ%2BpOQKKXtjxv%2FtUpaSxsrX4ppJhwsuNSjXEvEYj%2BoCSymhZedV008Rw6ReEY8rMHyBiu8LfvPIkO7PUACVbJ%2FdxbWk%2FhkdSm7xybdx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9243a8a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 8 KB
3 KB 47ms
11ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202349
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-minify-cache: hit
date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
x-minify: t
alt-svc: h3=":443"; ma=86400
x-nc: HIT hhn 2
server: nginx
etag: W/21174-1684460945295.6394
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Dec 2024 19:28:47 GMT

GET
H2 200 e-202349.js Show response
stats.wp.com/ 7 KB
3 KB 44ms
12ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202349.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 03:42:01 GMT

GET
H3 200 sbi-scripts.min.js Show response
enlifesun.com/wp-content/plugins/instagram-feed/js/ 27 KB
8 KB 100ms
97ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.2.6

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165458
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Dec 2023 09:01:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnKVJhSTVSoViO0r0GfXK1%2FYRsEusb09cEtU%2BIZz1Jpext6p3v1CbnM9sieore1y1x%2B2BpnFk3VqHc5FbH%2FOc28%2Btode4j8hxcPMhZ691hlZtGhW%2FpC1EG1g85oc83CBuCCOrkdXoFdL6gGx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9253a8a-FRA
expires: Tue, 12 Dec 2023 09:02:11 GMT

GET
H3 200 init.min.js Show response
enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/ 374 B
706 B 950ms
947ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackPostUniqueVisitor/assets/init.min.js?ver=2.6.8

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1a34905a1ab33dafe8104112c3146399e96717e7968621a867e6dd037dd8447

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 09:33:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWNVq6P3Y%2B6Aull1shovEaOLF5qAf%2BFGpxPSKP9H7Wxt7tujBOZ7nruEjgcB0BAlfZWMwAI%2Bw7%2FB86yn2%2BH%2BPfrkYvxjewp7figt1kBx3vPrhaJStG%2BVkx1afHmMYoPdINI00SECG7fZBAlt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b055fb9263a8a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 22:13:06 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F643 0
188 B 204ms
201ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&adk=1812271804&adf=3025194257&lmt=1701933783&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782764&bpp=4&bdt=276&idt=229&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2614163686850&frm=20&pv=2&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9767966869087000&plah=enlifesun.com&bust=31079954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:03 GMT
expires: Thu, 07 Dec 2023 07:23:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4EE 140 KB
44 KB 547ms
547ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=350&slotname=9335931323&adk=3900778249&adf=2815497077&pi=t.ma~as.9335931323&w=740&lmt=1701933783&rafmt=12&format=740x350&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782768&bpp=1&bdt=280&idt=315&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2614163686850&frm=20&pv=2&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=326

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23dc355ffad1f57567b1f270731b1647c2a14a47c6fc9e2dc525d81c7958a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44971
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:03 GMT
expires: Thu, 07 Dec 2023 07:23:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBDC 36 KB
14 KB 183ms
183ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=280&slotname=2770522977&adk=772300056&adf=3663673752&pi=t.ma~as.2770522977&w=740&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=740x280&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782769&bpp=2&bdt=281&idt=339&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x350&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eeaaaea4d30de18718d40b4cad2499daccb512d363508de911f731486adb3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:03 GMT
expires: Thu, 07 Dec 2023 07:23:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/achang.tw/ 1 KB
1 KB 754ms
259ms Script
text/javascript 3.36.186.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/achang.tw/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.36.186.35 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-36-186-35.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0121ebdbd3e84abb8fb5e4e0f84913a0ff0f064c0cc27df0b27adfe488ab094a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
etag: W/"408-1doV3RfQWrlR4YTR86/xTDKvwg0"
content-type: text/javascript; charset=utf-8

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame BBDC 3 KB
1 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=280&slotname=2770522977&adk=772300056&adf=3663673752&pi=t.ma~as.2770522977&w=740&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=740x280&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782769&bpp=2&bdt=281&idt=339&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x350&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame BBDC 20 KB
9 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBDC 202 KB
64 KB 55ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B0AD 149 KB
48 KB 108ms
63ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXFy1wACCygI9l-9AAKZnoB9wZefcIrAnqDPmg&u=%7CB8TT%2BEPq0Wu60OmCtu7WKroYsdXff152VADk6RVY4As%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864LDdMDxl706lV0kV9nMzFmYfPEmuOQ5qhw2WA0Rh9Dvd9R6-lvnl16JhV5voLRNnNn-09UmJF0_d4OHk1F0yqDUVY8slCOhdzjVR2fVKytgiMe0E-_Cp0Q2iAMdAyZkAJ7gASSLzhd3SdVPHDapk9cDzxoTNukKKFhStLJ3js3aC2zHiLaw76PHqcg_qivHhW_Yi95war_30kxqhDksS2HI3ATnQCn9Q8OEkTvRuxFHLOidpc-GH14eDnU64vHAKwUV73wm04ZlvUBU52DzFVWgtDXtrTKcwYPiD55JQkGfp3sQMemQwhJpoBlS_IbW_zeTpV_VulwHVUt-UVnk-3igItBfAgoX0c7OmfI-LoZ0No-4ylfX2qwbIlIFTW2bLnhzuYq4iNJKpiVbwvzqWtiwEJt_rqzEePcMuD8EnNQXvQtBl1Uj3v3ksNxedyTROaK9oSNWze0xViShzYRBLjZ30U3XMyNsqY86iB4G74nfOMU6AHLQtC4qIQuJnArJEUq0D32n5PcB9Q5LhKJYbv_qjExwSfQbQXKrNhl3pyaN7Fz7jf1KfnM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4lUO13JxZaiWCL2_2fcPnrOKqAfJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5Njk0ODg2OTYyMzUwMTDIAQmpAhDXAM-3DrI-qAMByAMCqgSJAk_QBE9cwZD78hfMhIzG4R0sVhTuXW2koL-sPTLZGtmdYyxEPPZJR8e0rBCLiq3w0pK3WePXTmds_YvmLx-PuijIzYKOcCVXuTJzF38xrG9hN8yLHSHIEzrvPC4HZpClGca6b4j9IGCWq7TKCNB4-A4yFik4A18UmM8AnsuAJEcBazelpAX2Z8sDe_IEp_BAdY-K11pHnfdduEnSozJMqYmE5CVf3X9_-l5ZV4hVY4Ju-cLJelVzjFN9fzNjr7XmxBqQVjs8QrGALcburNpIZLD3ZUhVkUQr0ga8rmp4uSihiwf7hA5c40a8rV9JM66Kgjzd-Cvg_tugM7mP8_rtS2ztLMGHJhvoKEyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_kcy05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tEf0prvEibMhhWkrh3sKV1v7zGQ%26client%3Dca-pub-8969488696235010%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1f937725b1d1e3006292648cfd1c2664dfe3df8e68d61adea966df5b1e8f267f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uoiITVIhxqWMsuW-fUPPe-0OY9XYTVt0mee8kqMjRpBXMSQgAetcXldzx_VYSoz-9eUvJkofYIqboPgeXTrv0LOsp_-1iaWNMX_yY_A_ttVKg10pVx-UUv6vEfzKjsDuUZ75-IP5X-7BVKikindt7FJf8HJCp73JTl4rl7KtTG9EToib4QhGVnZzauCec8_sBg0FSvVpagHqfmh1kIhhdEt_mBvRU5H4BsR85N9RD6ZRUZxn7QpoqIYoYUDoAN0YC83F1g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48392538
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame BBDC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4154bea653d643d25113e2056edb0ef315796cc9ab2edad1d5843b14d09c2079

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B0AD 2 KB
1 KB 44ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXFy1wACCygI9l-9AAKZnoB9wZefcIrAnqDPmg&u=%7CB8TT%2BEPq0Wu60OmCtu7WKroYsdXff152VADk6RVY4As%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864LDdMDxl706lV0kV9nMzFmYfPEmuOQ5qhw2WA0Rh9Dvd9R6-lvnl16JhV5voLRNnNn-09UmJF0_d4OHk1F0yqDUVY8slCOhdzjVR2fVKytgiMe0E-_Cp0Q2iAMdAyZkAJ7gASSLzhd3SdVPHDapk9cDzxoTNukKKFhStLJ3js3aC2zHiLaw76PHqcg_qivHhW_Yi95war_30kxqhDksS2HI3ATnQCn9Q8OEkTvRuxFHLOidpc-GH14eDnU64vHAKwUV73wm04ZlvUBU52DzFVWgtDXtrTKcwYPiD55JQkGfp3sQMemQwhJpoBlS_IbW_zeTpV_VulwHVUt-UVnk-3igItBfAgoX0c7OmfI-LoZ0No-4ylfX2qwbIlIFTW2bLnhzuYq4iNJKpiVbwvzqWtiwEJt_rqzEePcMuD8EnNQXvQtBl1Uj3v3ksNxedyTROaK9oSNWze0xViShzYRBLjZ30U3XMyNsqY86iB4G74nfOMU6AHLQtC4qIQuJnArJEUq0D32n5PcB9Q5LhKJYbv_qjExwSfQbQXKrNhl3pyaN7Fz7jf1KfnM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4lUO13JxZaiWCL2_2fcPnrOKqAfJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5Njk0ODg2OTYyMzUwMTDIAQmpAhDXAM-3DrI-qAMByAMCqgSJAk_QBE9cwZD78hfMhIzG4R0sVhTuXW2koL-sPTLZGtmdYyxEPPZJR8e0rBCLiq3w0pK3WePXTmds_YvmLx-PuijIzYKOcCVXuTJzF38xrG9hN8yLHSHIEzrvPC4HZpClGca6b4j9IGCWq7TKCNB4-A4yFik4A18UmM8AnsuAJEcBazelpAX2Z8sDe_IEp_BAdY-K11pHnfdduEnSozJMqYmE5CVf3X9_-l5ZV4hVY4Ju-cLJelVzjFN9fzNjr7XmxBqQVjs8QrGALcburNpIZLD3ZUhVkUQr0ga8rmp4uSihiwf7hA5c40a8rV9JM66Kgjzd-Cvg_tugM7mP8_rtS2ztLMGHJhvoKEyABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_kcy05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tEf0prvEibMhhWkrh3sKV1v7zGQ%26client%3Dca-pub-8969488696235010%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B0AD 2 KB
1 KB 43ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B0AD 308 B
636 B 33ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B0AD 293 B
622 B 32ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B0AD 43 B
348 B 51ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=frTu0AB3cOPJ_eb1F5zrQD6CbvuilFZ1qlhvkw_xn-TQ4TKMupyAtCgl44kbN9llbxuYPKoChcPWSdhXgymtU87QWRm7n4QaomFJa48kIjHIQN1pCPulp-z62qGVR2KVf_VcTpaW53Na5piLVZOjTZo4eRXqohlkLuP6ZgyvGEOUGk-SGtUbOiupuP4Eg0mHK_WF4FLqnsKNbK-c4FclKJqQboL1ab6RdX2wnlxVeJ6q7hiMkdLn7Rbhl6FTYl8heM3k0SomCcyCex4rcfwuX6tBjdYKBlmLZwMGOxxKIwQylZRiqqU1BHkbdPXkUvvL6D9_EQvZOjvrfrnlWxq4smO42tWOjsN7Z2eFhpbTZ7VEYsRsoUGAu2PRVWKbn6Bv0Gepm_gwzpu7_yYlGX7X3WA3kyr2tojh31sm5nU0UlxUDt9kjQFMz0-HpFAyHDj8TfguSA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1835676
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B0AD 12 KB
6 KB 25ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B0AD 36 KB
36 KB 72ms
30ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=376&rid=4&s=9srsdIinTjH0XL4UcPJJ7VOy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0645cc7d00365d82fca97bd894afa236f1a39e4520935bf2b3705f08d07fafb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 36696
expires: Sun, 03 Nov 2024 03:20:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B0AD 9 KB
9 KB 59ms
17ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F4123_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=cUORs_l4n4Suns43TyAycXl8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 9014
expires: Wed, 03 Jan 2024 21:55:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B0AD 5 KB
5 KB 64ms
22ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F7966_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=R4KBWrseKDiRDhar-WwL6lEp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5320
expires: Thu, 04 Jan 2024 12:41:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B0AD 16 KB
16 KB 81ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Wed, 03 Jan 2024 21:55:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B0AD 0
128 B 55ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uoiITVIhxqWMsuW-fUPPe-0OY9XYTVt0mee8kqMjRpBXMSQgAetcXldzx_VYSoz-9eUvJkofYIqboPgeXTrv0LOsp_-1iaWNMX_yY_A_ttVKg10pVx-UUv6vEfzKjsDuUZ75-IP5X-7BVKikindt7FJf8HJCp73JTl4rl7KtTG9EToib4QhGVnZzauCec8_sBg0FSvVpagHqfmh1kIhhdEt_mBvRU5H4BsR85N9RD6ZRUZxn7QpoqIYoYUDoAN0YC83F1g&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B0AD 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B0AD 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:23:03 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6074
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 19ms
19ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=791223721&t=pageview&_s=1&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ul=en-us&de=UTF-8&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=2125088055&gjid=1854092070&cid=655708928.1701933783&tid=UA-135689988-6&_gid=1555568801.1701933783&_r=1&_slc=1&z=2072232605

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

deacb043aba45fdec8c0a7948b084d9e4b63b58dd7264c74895c87dd8164f82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 91 KB
30 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac032677fc492540bb601f985bb7b3eeb2be6b81cd56d8caf71c2e4d282d97a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29938
x-xss-protection: 0
server: cafe
etag: 783 / 19698 / m202311290101 / config-hash: 16835354973066905572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H/1.1 200
OK achang_tw.js Show response
api.popin.cc/searchbox/ 145 KB
38 KB 1023ms
504ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/achang_tw.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5e5e11a87c96e0c1088405c3c0f743ffc729149b5bc6d54b50197727e824fc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:04 GMT
x-amz-version-id: mOyiI9sbNBB6mF7m8PZC8c44.AaF8HvE
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 09:16:28 GMT
Server: nginx
ETag: W/"b7815895deade0c5b9644bf39ecf5b9b"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 07 Dec 2023 08:23:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9767966869087000

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610f2174081f4d952d1bebc1dd3e68edae88a04e99a75f11cfba172b247621a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52027
x-xss-protection: 0
server: cafe
etag: 13159302475671682280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBE1 39 KB
16 KB 264ms
264ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a262e072fa742a6af7e1bd89783c239e4058998c9f2417410fab837847bd910f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:03 GMT
expires: Thu, 07 Dec 2023 07:23:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MGKR343MJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfd086f33a87ac1ee88e5ea9f3c2ee6e7215fcf460a55c82e37c0a5e445a3467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8969488696235010

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

832c6a6e54ba8b2e53ca9deafe21389a58f3652fa97484a3e5bd200b6eca98c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52152
x-xss-protection: 0
server: cafe
etag: 9433994665113117078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H3 200 searchsubmit.png
enlifesun.com/wp-content/themes/zblack/img/ 1 KB
2 KB 24ms
23ms Image
image/png 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/themes/zblack/img/searchsubmit.png

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/wp-content/themes/zblack/style.css?ver=1.3.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/wp-content/themes/zblack/style.css?ver=1.3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216557
alt-svc: h3=":443"; ma=86400
content-length: 1167
last-modified: Sat, 25 Jul 2020 08:50:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2qu0Nr6ew1DJgCXKEvy0%2FflzLS0Hg8m%2F3vXYISBWTUpiXcLytRkqz5uwYJV%2F7zW6A%2BY7huXIi74jqGBf7EaoYK5jTpJi%2FPCw4doN0Nkjs%2B%2BShc7WPIgBJns2LGnDQboj2wOy85jqbSI4ICD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05634d4e3a8a-FRA
expires: Wed, 06 Dec 2023 01:36:38 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8EE5 162 KB
49 KB 645ms
643ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73b9dc0dc316f1ed45520c444cf4b3b6e4d5ca71d7f077cb24ed6a7c10184e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:04 GMT
expires: Thu, 07 Dec 2023 07:23:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sherpa_init1_08.min.js Show response
cdn0.agoda.net/images/sherpa/js/ 11 KB
3 KB 23ms
23ms Script
application/javascript 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
last-modified: Thu, 07 Sep 2023 15:38:41 GMT
server: Akamai Resource Optimizer
x-dc: ASH
etag: W/"5dada82a80c2d31:0"
x-cache-status: MISS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1691898
timing-allow-origin: *
content-length: 2896
expires: Tue, 26 Dec 2023 21:21:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BBDC 0
23 B 52ms
51ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrFj613JxZaiWCL2_2fcPnrOKqAfJntKxXL3xlPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTg5Njk0ODg2OTYyMzUwMTDIAQmpAhDXAM-3DrI-qAMByAMCqgSGAk_QBE9cwZD78hfMhIzG4R0sVhTuXW2koL-sPTLZGtmdYyxEPPZJR8e0rBCLiq3w0pK3WePXTmds_YvmLx-PuijIzYKOcCVXuTJzF38xrG9hN8yLHSHIEzrvPC4HZpClGca6b4j9IGCWq7TKCNB4-A4yFik4A18UmM8AnsuAJEcBazelpAX2Z8sDe_IEp_BAdY-K11pHnfdduEnSozJMqYmE5CVf3X9_-l5ZV4hVY4Ju-cLJelVzjFN9fzNjr7XmxBqQVjs8QrGALcburNpIZLD3ZUhVkUQr0ga8rmp4uSihyQXaFo7PM3safXiTv45jJjL68p3q0MMih3GyVQhSVUD1tAsTBvKABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_kcy05fyCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04OTY5NDg4Njk2MjM1MDEwGAA&sigh=QzEiLCW2xTI&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNupEnd_nqWbl1vq5723vy9MUfm5E_WMLvBrRj3ok8taeSRmTPzC3V_kCGv3iDRqVOZliNQ4GrdMhpklAjQ3pOpOOnGGgKuIb6SCYYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=280&slotname=2770522977&adk=772300056&adf=3663673752&pi=t.ma~as.2770522977&w=740&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=740x280&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782769&bpp=2&bdt=281&idt=339&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x350&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=342
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 07:23:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame BBDC 0
126 B 77ms
20ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGLr5ROQFmAKdg2ICAgAAAPrfJ2XJId2i9kjaWRDWcnFlACdsRUdDf_M7agAAEgAACgpBUVVCRHdFQkR3&wp=ZXFy1wACCygI9l-9AAKZnoB9wZefcIrAnqDPmg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 222615
server: Kestrel
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MGKR343MJ&gtm=45je3bt0v9125230843&_p=1701933782616&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=655708928.1701933783&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&sid=1701933783&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1476
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MGKR343MJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B4EE 2 KB
662 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=350&slotname=9335931323&adk=3900778249&adf=2815497077&pi=t.ma~as.9335931323&w=740&lmt=1701933783&rafmt=12&format=740x350&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782768&bpp=1&bdt=280&idt=315&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2614163686850&frm=20&pv=2&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=545&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 05:52:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame B4EE 2 KB
875 B 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame B4EE 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame B4EE 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame B4EE 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4EE 202 KB
64 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame B4EE 37 KB
16 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 432 KB
135 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:20:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3765
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138184
x-xss-protection: 0
server: cafe
etag: 495798054771589180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Dec 2024 06:20:18 GMT

GET
H/1.1 200
OK SimpleSearchWidget Show response
sherpa.agoda.com/SherpaRender/ Frame BFD5 14 KB
5 KB 75ms
36ms Document
text/html 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Requested by: Host: cdn0.agoda.net
URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: 57cdb0d07403dba23cf867a6d514628bdafa83693e5775b9b957460b12898d99

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

ag-correlation-id: ff2957ea-f165-40d0-a7d0-8458bfdd942c
cache-control: public,max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 07:23:03 GMT
server: istio-envoy
transfer-encoding: chunked
vary: User-Agent,Accept-Encoding
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
x-envoy-upstream-service-time: 20

GET
H2 200 fetch-iframe-init.js Show response
affiliate.klook.com/widget/ 587 B
752 B 129ms
8ms Script
application/javascript 34.149.108.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/fetch-iframe-init.js

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

f2767375f9a38497e1cf2279ff98dc1407081074ccd0fda78709c84387f6c5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 07:17:21 GMT
via: 1.1 google
x-cdn-cache: hit
age: 342
x-kong-proxy-latency: 0
x-kong-upstream-latency: 3
x-readtime: 1
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 386
x-xss-protection: 1; mode=block
server: ReplaceHeaderValue
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=600

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 29ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfee5e43b421600eb9ff77e293a8c051724154565b950bda0d4dbb62c9f3cb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 07:23:03 GMT
content-md5: H17V+kdAJbBqX3dEC+oiaw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: iWk0Dla78JIu9aO122PEzn7ZkokLW1pQa+ICgLsBKh4ncnIbWhhHxsCzlXb53dNCSY5CIfaKn1Us0ZTmOZ5WFQ==
x-fb-content-md5: 730cbb6d956adf58c92a11045aa5743b
cross-origin-opener-policy: same-origin-allow-popups
etag: "0efe38d192cb11ea3d5ba530ee277af0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:42:50 GMT

GET
H/1.1 200
OK / Show response
sticker.events.pixnet.net/2022pixstarawards/ Frame C05F 2 KB
1 KB 1880ms
295ms Document
text/html 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: bb2e9b885843fe29b51b4d77e66d73cae8e68fbee661658a1c09ea2ae183a436

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 742
Content-Type: text/html
Date: Thu, 07 Dec 2023 07:23:05 GMT
Keep-Alive: timeout=5, max=35
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary: Accept-Encoding,User-Agent
X-FarmId: 32622639ce616e7550925610a24a59f46ccc46dd6db3cc5e495ae6b96b9290ea

GET
H3 200 placeholder.png
enlifesun.com/wp-content/plugins/instagram-feed/img/ 176 B
695 B 18ms
17ms Image
image/png 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/instagram-feed/img/placeholder.png

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16139
alt-svc: h3=":443"; ma=86400
content-length: 176
last-modified: Mon, 21 Aug 2023 20:42:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWsYM0O%2BY7h0OQGGNMGY5KhGHzH4awGzTwXPX7%2BSo3OO8Gs11nx9tFPxCXzqfKSgl8wNA33UcaLm5am2ybKZ%2FEYoTorRWtNtxTgmkCDDcimQby1cvS5YrI3ZeEKFZvUrp3EwB9i9vfXH7FhM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05642e423a8a-FRA
expires: Thu, 07 Dec 2023 04:04:24 GMT

GET
H3 200 plus.gif
enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/ 79 B
597 B 16ms
15ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/plus.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216557
alt-svc: h3=":443"; ma=86400
content-length: 79
last-modified: Fri, 26 Oct 2007 04:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnveG%2F4xJPm8XYWvDsdw8pUT0hBqcJWHZjJz%2BkhecFmOhRNUaoNXpc1GXdLhoZUXIl4gmBdsqHrUJzzNv%2B866sb3pj1HQkLg0Gnkpx38UlKH67s86bCLsESqSlOKm0V5eNSX2cK0s1nhzCC3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05642e473a8a-FRA
expires: Wed, 06 Dec 2023 20:44:00 GMT

GET
H3 200 line.gif
enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/ 66 B
584 B 23ms
22ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/line.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216558
alt-svc: h3=":443"; ma=86400
content-length: 66
last-modified: Fri, 26 Oct 2007 04:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT5Orlu%2BquZ0rPmcTfV45pcS%2BXai6F6lzlOmolraphXBMZStOlW8ZDqRuW6NUfD04GtrxEzMA7%2FYaIfgrYhDavTacER7yOamu8EPt4YfpxdC%2FTP5OFcoNMxgNQEWmwsbvItJZKMd85aCKh6t"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05642e483a8a-FRA
expires: Wed, 06 Dec 2023 19:55:11 GMT

GET
H3 200 join.gif
enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/ 69 B
584 B 22ms
21ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/join.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216558
alt-svc: h3=":443"; ma=86400
content-length: 69
last-modified: Fri, 26 Oct 2007 04:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwFMMO4asU9f04eYwCCPeNKe%2Bw3B0f3VQmY07OdSIi4XTWUNBBIbKY8GCnoxY02hxWCG4ZPnVDchWnNE9N9dBFBJmOHLB4hBCrjbkEQFE2pvXtUFmWMMGH11LB8mhutmxHsaAANm9wG900jf"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05642e4a3a8a-FRA
expires: Wed, 06 Dec 2023 20:07:23 GMT

GET
H3 200 joinbottom.gif
enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/ 66 B
578 B 1003ms
1003ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/joinbottom.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 66
last-modified: Fri, 26 Oct 2007 04:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2L9lrZjKQtQHNBKDuNkQI9sXqMoPiQwNYfF1Nj5wBeXa73i%2FWX9t5z4LTbcpQpMIrKjugIAh%2Fx2YJmdxoAZYik3BvHtSasBLdSrjS2DQ13Djw6%2FdNJaqqw3BzkurXbBu9Zt8OMZyw38pg4A"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05642e4b3a8a-FRA
expires: Wed, 13 Dec 2023 21:14:45 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&ver=6.4.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:41:35 GMT
x-content-type-options: nosniff
age: 200488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:41:35 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B4EE 19 KB
20 KB 40ms
8ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQC21pg6-ou2qV7vmW3SKpXIsF4A7C5P8IZb9tHa905MLIFfYzV3mU0VguTsQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:23:29 GMT
x-content-type-options: nosniff
age: 543574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19478
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:18:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 00:23:29 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B4EE 28 KB
29 KB 53ms
8ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:50:49 GMT
x-content-type-options: nosniff
age: 127934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 04 Dec 2024 19:50:49 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame B4EE 43 KB
43 KB 51ms
9ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTYlbN2HjDCng9CMSDfcLkXRVIWrZilK5JNZc0EtaTIMvj3HdnJ-QD2_1xOBw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc6178cdb0838f0ecb7de330f4f58eb9ad8cf48813050aca2b29bd3329f1ed25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:06:07 GMT
x-content-type-options: nosniff
age: 476216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43602
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 13:55:16 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 19:06:07 GMT

GET
H3

200

9582802623576457529
tpc.googlesyndication.com/simgad/ Frame B4EE
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOD50ZrARhDMBBiTATII7iDqJ_SHFYM
https://tpc.googlesyndication.com/simgad/9582802623576457529

8 KB
8 KB

8ms
8ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9582802623576457529

Requested by

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b484baff6b012cc823568d095cdb50a81ec0e32759264b2a094353d92a5380bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:57:50 GMT
x-content-type-options: nosniff
age: 127513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 17:44:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 19:57:50 GMT

Redirect headers

date: Wed, 06 Dec 2023 23:01:58 GMT
x-content-type-options: nosniff
server: cafe
age: 30065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9582802623576457529
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Jan 2024 23:01:58 GMT

GET
H3 200 minus.gif
enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/ 78 B
605 B 20ms
19ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/wp-dtree-30/dtree-img/minus.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41379c64c98eac99563835ac6a7e6096a78f124560a8a4ffe92284a98079db7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 490013
alt-svc: h3=":443"; ma=86400
content-length: 78
last-modified: Fri, 26 Oct 2007 04:50:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z91TWdEFmyYAkTOvGbS%2F2HBtTR7XNIZLfPUbD0JFLiGFU9dYj%2BK%2BzZBi37ZwuygUNZNH4OzPKKlK%2BNsomlm7QQaQHMu6vRkkPwPGvzQBL%2FNFwXrXe7ZHw%2FV%2F4CtHqz2wJr90ml15VKcxvO5r"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05649ec83a8a-FRA
expires: Thu, 07 Dec 2023 23:40:28 GMT

GET
H3 200 ic_loading.gif
enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/ 4 KB
4 KB 19ms
19ms Image
image/gif 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/plugins/achangJetPackVirtualCounter/assets/ic_loading.gif

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5646faed05c8c21cfeb1a495faafdc0a94747149eaf7ca77ea28c3a989149e20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216558
alt-svc: h3=":443"; ma=86400
content-length: 3808
last-modified: Tue, 07 Mar 2023 06:18:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFbS95L12mjRnSX61PyEpDYj2IkYV9vca5X7HQKeJGhzl6sXDI8EvcZfo%2ByHIRgAxV67NMUr95WnkIrFenvNIu2%2FovWTh7whgrR8f%2Bz%2Ffhmwftkg8sAg1COomAatHWQ78Pilp0%2Ft1wAMOWnr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b05649eca3a8a-FRA
expires: Wed, 06 Dec 2023 01:08:31 GMT

GET
H2 200 js-client.js Show response
api.mdeianet.com/api/ 3 KB
3 KB 795ms
254ms Script
text/javascript 18.140.229.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mdeianet.com/api/js-client.js?key=38d0e5f4-d199-4a6a-ab15-f51eaef0426f
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.229.62 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-229-62.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 5b4314d71c694c16760a64cde26e26081467b669788ca140ed8d4478c4b42618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-type: text/javascript; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BFD5 186 KB
67 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6446424-36

Requested by

Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b8eefdd8b1776f129d17fe2e22d759b9051516676843435c609b9423899104c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68934
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H/1.1 200
OK squareCalendar.min.css
sherpa.agoda.com/css/production/ Frame BFD5 86 KB
86 KB 17ms
16ms Stylesheet
text/css 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/css/production/squareCalendar.min.css?v=P4uPgsN0RJW-gtgHihb1Cs1qQkr5dmHCoN7xON4RoTo
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: 3f8b8f82c3744495be82d8078a16f50acd6a424af97661c2a0def138de11a13a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:02 GMT
last-modified: Fri, 20 Oct 2023 08:42:55 GMT
server: istio-envoy
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
etag: "1da03316b5647a3"
content-type: text/css
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 87587

GET
H/1.1 200
OK logo-white.png
sherpa.agoda.com/images/logo/ Frame BFD5 17 KB
17 KB 53ms
22ms Image
image/png 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sherpa.agoda.com/images/logo/logo-white.png
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: 8a1f60c3666871a1a0f2dee711f982af1424a1a4326a3c58d60e2cdb754aca4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Fri, 20 Oct 2023 08:03:28 GMT
server: istio-envoy
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
etag: "1da032be87fca66"
content-type: image/png
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 16998

GET
H/1.1 200
OK common-scripts.min.js Show response
sherpa.agoda.com/js/production/ Frame BFD5 131 KB
131 KB 54ms
21ms Script
application/javascript 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/js/production/common-scripts.min.js
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: 601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Fri, 20 Oct 2023 08:01:33 GMT
server: istio-envoy
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
etag: "1da032ba3f1e018"
content-type: application/javascript
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 134296

GET
H/1.1 200
OK squareCalendar.min.js Show response
sherpa.agoda.com/js/production/ Frame BFD5 329 KB
330 KB 28ms
21ms Script
application/javascript 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/js/production/squareCalendar.min.js?v=mhfVyWVc_Ss-TITxlpv1HUllQUtjaHamgxvev5hs6V0
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: 9a17d5c9655cfd2b3e4c84f1969bf51d4965414b636876a6831bdebf986ce95d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Fri, 20 Oct 2023 08:01:33 GMT
server: istio-envoy
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
etag: "1da032ba3f6c849"
content-type: application/javascript
x-envoy-upstream-service-time: 2
accept-ranges: bytes
content-length: 337097

GET
DATA 200
OK truncated
/ Frame B4EE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2832ec16da02272fd00b4c49d9aaa544cb8619ddd17c3adf0dad11fe0914fb19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame BBE1 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame BBE1 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BBE1 0
0 18ms
17ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsrREQ29TwMEGzep1PEu-BK6m2p-NzO7hSrq42kUqA_9tIAt-ylrO0Xg04tbRvrMOH0uTcodDDU72Qy0gGTNPre5pPoQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBE1 202 KB
64 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:03 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 26ms
14ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=78d63d478ecd20d09accbd12c5279f96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1be35d3d84622023fcb5130128ccb83f6046953290e13397b2dae3af11d767ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://enlifesun.com/
Origin: https://enlifesun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 07:23:03 GMT
content-md5: VbWvV74EBmA0/G5Q/a/m8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88321
reporting-endpoints
x-fb-debug: iWjUAcAhQEmq+DuXCCxZ1sXYhwo3dlNVJ/dt71a1iS2IAhPCb5lbqcbi5J7jjGGc/MlrqgOf+ddM9rzT/9IU+A==
x-fb-content-md5: 98004c1042c9b0cd194c4d4c5bf71a40
cross-origin-opener-policy: same-origin-allow-popups
etag: "885268eaa72ddcfe13f37812f4c3a869"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Dec 2024 06:08:42 GMT

GET
H2 200 Sherpa-dark-4-squarecalendar.jpg
cdn0.agoda.net/images/sherpa/bg/v2/ Frame BFD5 332 KB
332 KB 15ms
15ms Image
image/jpeg 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.agoda.net/images/sherpa/bg/v2/Sherpa-dark-4-squarecalendar.jpg
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5020e5ec0724fc65b77c0bd34c798a23c5368edc2f0f42046417eb0fbe3fa516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Tue, 04 Apr 2017 03:26:48 GMT
server: nginx
x-dc: ASH
etag: "0cda4af3acd21:0"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1266592
accept-ranges: bytes
timing-allow-origin: *
content-length: 339783
expires: Thu, 21 Dec 2023 23:12:55 GMT

GET
H2 200 mallory-light-webfont-v01.woff2
cdn6.agoda.net/images/fonts/ Frame BFD5 51 KB
51 KB 49ms
11ms Font
font/x-woff2 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn6.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/css/production/squareCalendar.min.css?v=P4uPgsN0RJW-gtgHihb1Cs1qQkr5dmHCoN7xON4RoTo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8

Request headers

Referer: https://sherpa.agoda.com/
Origin: https://sherpa.agoda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Fri, 07 May 2021 10:15:20 GMT
server: nginx
x-dc: ASH
x-akamai-ew-subworker: 8096267
etag: "8e35bce22943d71:0"
x-cache-status: HIT
content-type: font/x-woff2
access-control-allow-origin: *
cache-control: max-age=1375245
accept-ranges: bytes
timing-allow-origin: *
content-length: 52321
expires: Sat, 23 Dec 2023 05:23:48 GMT

GET
H2 200 icons-77d0d7d0301a8e6325b2e4c3b57004b5.woff
cdn0.agoda.net/images/fonts/ Frame BFD5 112 KB
113 KB 45ms
12ms Font
font/x-woff 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.agoda.net/images/fonts/icons-77d0d7d0301a8e6325b2e4c3b57004b5.woff
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/css/production/squareCalendar.min.css?v=P4uPgsN0RJW-gtgHihb1Cs1qQkr5dmHCoN7xON4RoTo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5a28a9eda46727c2081bed435f0255a723187613491710e0780bd3c36e359733

Request headers

Referer: https://sherpa.agoda.com/
Origin: https://sherpa.agoda.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
last-modified: Wed, 15 Feb 2017 07:50:34 GMT
server: nginx
x-dc: ASH
x-akamai-ew-subworker: 8096267
etag: "7a419a306087d21:0"
x-cache-status: HIT
content-type: font/x-woff
access-control-allow-origin: *
cache-control: max-age=2202659
accept-ranges: bytes
timing-allow-origin: *
content-length: 115132
expires: Mon, 01 Jan 2024 19:14:02 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6A87 2 KB
3 KB 72ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c18b42baaca6e2dc1e1fd3e3ee28ef67e5a1469eed07b88e5d426a5d2598453

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 831b0565ea3c3615-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4D01 1 KB
643 B 12ms
11ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Thu, 07 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B4EE 20 KB
20 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:49:33 GMT
x-content-type-options: nosniff
age: 167610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:49:33 GMT

GET
H2 200 iframe-init-v1.0.10.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/ 16 KB
6 KB 124ms
23ms Script
text/javascript 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/fetch-iframe-init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db18cb52427e02c7de9ad4d90ca593068388c3fdac72903ee699779d92b0a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 00:12:54 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: RE0D97BKNRS5A6JY
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 9529810
x-cache: Hit from cloudfront
x-amz-id-2: qEM5nWQwwGqO7QfmFfbPbCi6HfvxGjIvVMkEKO5BXd2jH7o6pm6ZRQDIH9n8T3Ab7/hwTbPfbhw=
last-modified: Fri, 18 Aug 2023 06:29:49 GMT
server: nginx
etag: W/"2cfb3029203fe32534cdc18eab919e12"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: myO-tyBdI6LBw8NRc7gPfjVftU_reUegrrwNy4hutcoq1yep658Hiw==
expires: Sun, 18 Aug 2024 00:12:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B4EE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCvn813JxZc-RC83Dn88PjcGPyAOp_6DQdL6K-JvwEaOener_QBABIP3Y-CJgleKQgqAHoAHor-yIA8gBCakCxtrxx_gNsj6oAwHIA8sEqgSUAk_Q5QmibkfzlvCsp07OZWYzq5i7r1TShyL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224292857751117837451%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%2...

0
0

69ms
49ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224292857751117837451%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217969246588246655137%22}&andc=true

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4292857751117837451","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"17969246588246655137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 07:23:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4292857751117837451","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"17969246588246655137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BFD5 224 KB
79 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PS3CN8PQR2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6446424-36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

285cce528553dac4ded765825b9782888bbc02b6bfb9b15a033d617505a5d55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 07:23:04 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BFD5 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6446424-36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sherpa.agoda.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6075
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/klrvWmGl/users/ Frame 96D7 328 B
291 B 387ms
384ms Document
text/html 3.36.186.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/klrvWmGl/users/00000000.0000000000000?from=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=achang.tw&gdpr=1&service_id=10289&service_type=blog&country=TW&client_id=1598&lazyload_widget_ids=%5B%226Xg1eR7N%22%2C%22plqN36YX%22%5D&randomStr=93c6a542-150f-490e-ba31-9877204c5552&id=dablewidget_klrvWmGl_plqN36YX&category1=%E3%80%8BGO%EF%BC%9A%E6%B2%96%E7%B9%A9%20Okinawa&author=enjoylifeSun&pixel_ratio=1&client_width=740&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.36.186.35 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-186-35.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 47b069c8f1ec94af06e28e359f8e64c0cc9d7a88c2374ff0d5458a29ac037dbf

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 07:23:04 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame BBE1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9de8bae48d018e64279778106da4f3a8a969245514ffc5f5c25b839e741bacea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6A87 115 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2417803
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RyldTJZ%2F%2F3K%2BQNUb8Ibi8KfIqcd9ntBuT1hZGmgb5VxMGpeStCFxKokTv%2FYFSZWkmAgHf%2FINagCQVkKat9kx83%2F%2FaHVSk1kSbMpSXLRojdFnTvDFJm9P%2FPKYLx9bF4OwAtRxqa2%2Fyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 831b0566fb9e3615-FRA
expires: Fri, 08 Dec 2023 07:23:04 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6A87 24 KB
10 KB 39ms
29ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20571
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9lwIljJsuQFClXCviz%2B%2BWdlVGzLsnoyqLBVf0LR%2FAwySl2SYBl4QEYTIZ%2BdGOK01jnTbvcsx3bgS2wAsCSRaxNyUHicbrxidjAHE6Crur0jkXaDjNSbCAP0EPi%2BtAp7X8SEzc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 831b05670bad3615-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 07 Dec 2023 01:40:13 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F902 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:56:49 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4D01
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDhpUDFZSnExUmI4SVU1&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG49...

170 B
232 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDhpUDFZSnExUmI4SVU1&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG491_rGRD9sSFav1v852Ec_esPjpvtZO8fs8Xp0c9fY5p_maYjXWq2yJlz8

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 07:23:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dDhpUDFZSnExUmI4SVU1&google_gid=CAESELJALqZTBC9LRDNTnLvPOC8&google_cver=1&google_push=AXcoOmSXHyMHaGGExC0Di0kKLa9jyRwbY9_pqdzxCNAoG491_rGRD9sSFav1v852Ec_esPjpvtZO8fs8Xp0c9fY5p_maYjXWq2yJlz8
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4D01 0
187 B 70ms
16ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENZC4ChEFy_Zae9g9pIhCmg&google_cver=1&google_push=AXcoOmQ8kGsIzn-Xre9aEkAknCIscd3iDCueAsVTH4Xj7p1-L0uN4JgOyYS4YPdseiQ5GDKl6Y2xBEv-1qfI52313h7BrIStfq4KjUk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4D01
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEERkY2URCbr4ycE7VPoqVKA&google_cver=1&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB0YCiFyQ98ERal356eQ0c&google_hm=jg-_IyCERUKXisfcE...

170 B
329 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB0YCiFyQ98ERal356eQ0c&google_hm=jg-_IyCERUKXisfcESykbCU

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRW4pVpNM4_zxdhb1IUYgVKnByJUsFFcGgecqrWQ0rzUtQoN7ykq0M2uSrkAfbhY0B7FP7KqMyvJvB0YCiFyQ98ERal356eQ0c&google_hm=jg-_IyCERUKXisfcESykbCU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 4D01 43 B
146 B 115ms
8ms Image
image/gif 35.157.241.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGexfoOy4LaMRp-okSg4FO0&google_cver=1&google_push=AXcoOmTXuKWQy5uI8ppCTV_aceAhGpKXpt8MJpFw7G_ow6QQUsoRriK8RHqOn004NNxyo8aPcO8GINP9L0ZsR67PTWlVwYgVK6FbxAk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.241.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-241-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D01
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDQ1k2ntzJhtiqaRZurBI8I&google_cver=1&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeE...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDQ1k2ntzJhtiqaRZurBI8I&google_cver=1&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttY...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQEBMd6ar7UHmKxSBVXc965_0iQ9NGLNwBtRY3jevSYHhnSsWLJJNleJInHZRdyEf9B9bO3xHNmmpXZHb8LujttYeEb0rcYpw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D01
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFK8FEoCNfHvpykvATID9Yc&google_cver=1&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1y...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFK8FEoCNfHvpykvATID9Yc&google_cver=1&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1yWLBEGpBo1wixvbBi4STo3w

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmRP-gdbZTxyvYa0ah0ZUjmP_aFy1jZttFEET4X1eNNTnqHplz3lqBinpnrsXyzWIUZNF3P-PW1yWLBEGpBo1wixvbBi4STo3w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 4D01 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4D01 0
130 B 51ms
15ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqvN1kU86o97oonEnT9VwJcHQ4jvcAaUNIQCZPnzZHEDF74mpiDZ0i3t4rAY4IQ3BxU0j97g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 15ms
9ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=216244458&post=1298&tz=8&srv=enlifesun.com&j=1%3A12.8.1&host=enlifesun.com&ref=&fcp=510&rand=0.171627724374263
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:23:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
enlifesun.com/wp-includes/js/ 18 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527201
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Mar 2023 02:58:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pO%2B0OQnJLTbMI4arsrzC5w7HWvRp2dwCyokNhlfEy362Qqfq%2FeRcGMv0v1PLX30c0d4jK%2BduUsNoKxXiI48flZu2Ei86oCeCQIyYRxFeScPQcx9C23xGed%2FU7N5I6nDIfYBAYKNES%2F8SesS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 831b0567291b3a8a-FRA
expires: Wed, 06 Dec 2023 01:36:38 GMT

GET
H3 200 / Show response
enlifesun.com/2019-12-03-1298/ 4 KB
2 KB 1011ms
1011ms XHR
application/json 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/2019-12-03-1298/?relatedposts=1

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20211209

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73c7ee3a12ff60afab5f5311ec2b1cd6063ef5098dc9f649aca8e91d8f1f83be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://enlifesun.com/2019-12-03-1298/
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1066226-1701933521;;;"
x-litespeed-cache: hit
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74d8QAmaAwUYVwdZ4tcjmd3TML1wc84KLrfFK47d1ccw8yqBZWlgy0tcBhLOk%2FVMHdPS%2BipV%2BtRIrsRzW63AucbZJjiPxSy%2FsVRouLuG5bnWr3ZiMznZRzDD5Y%2FHYeH2F6Yo5n09rE3BgDqW"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
x-turbo-charged-by: LiteSpeed
cf-ray: 831b0567291c3a8a-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
42ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 admin-ajax.php Show response
enlifesun.com/wp-admin/ 56 B
704 B 1138ms
1138ms XHR
application/json 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-admin/admin-ajax.php?action=achang_jvc&jvc_time=78

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc1ee383a6549d1376e31e7b55e4e25428c65f2d0a506943db778a2eaf70dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://enlifesun.com/2019-12-03-1298/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
x-litespeed-tag: 530_default,530_URL.3eb387b7c4140058d3afdab3356fd2ad,530_
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK%2BFZsHRSQiFEP0UmGomllbJhRckmMcs1yzQsbxTrxqX3HVfH2JFGfw78c%2BLcE%2BOurWA4tlijkoU3e09vWXT77z3jQFPB%2BogkkAG14N2%2Fxkr33cUh980WYkAr9mot0DifsCugBzfbM%2FdrGZ6"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 831b0567a9943a8a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 408293690_282858100978456_5898504012197789645_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 8 KB
9 KB 1064ms
1064ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/408293690_282858100978456_5898504012197789645_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb88eaa151990c7f3622806e1f8de1a79a1742341bd2fc1a8e34e227fe0af23

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8611
last-modified: Wed, 06 Dec 2023 17:00:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBcpNNufsU1VjzBcw39MFv%2Fm1QouCpayN8AtRjz0TLgGmE3u%2BU7CHeLp6hm%2BSerkUypAAGqLuk0eCVzJVMqOhXphEW6StPLB%2BqigdBij%2BIOv4iVxwJSBIJShDfyIjtYlr9HXIhHFNTWpj3bq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567c9be3a8a-FRA
expires: Wed, 13 Dec 2023 17:00:41 GMT

GET
H3 200 405806116_848434237009696_3846367412843276936_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 4 KB
5 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/405806116_848434237009696_3846367412843276936_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8639261d0b3c937456936c12129d87faf7b234323bf9a15941c71975d679b32e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16133
alt-svc: h3=":443"; ma=86400
content-length: 4241
last-modified: Mon, 04 Dec 2023 17:00:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMBTxG79lMg90fDcEbzGY01QTzcoQOi0WKkYtb2YthxVx0f3hPgBgQw0kSecoOFeDTYm2wZyPcxymW9RLGEVk46HqxOjec8CPhrX3rPE6vTlPRUxehlA%2FFvd%2B3iHQRycClNh1ZSu0HntWr8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567c9bf3a8a-FRA
expires: Mon, 11 Dec 2023 17:02:49 GMT

GET
H3 200 408090770_1199469577676258_315126818570695966_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 8 KB
8 KB 949ms
949ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/408090770_1199469577676258_315126818570695966_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c9f45e510dbaecf29fbe9036b96dff5e5deb9cb288d7d3de055693078ae263

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7879
last-modified: Sun, 03 Dec 2023 17:00:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9thjBBrl1frpbfapWwg9DGu9LfoV9998lVlUVnPE0bpia%2FlOe9RNyL%2FCcrs3wJT9V60dsmcl%2BGdbvmBC3rLdQW8T1qE4uHHVNae%2BTIyxtU9Bh4ot3tx%2FYCPbS7Yme47jLHdyn5wx3PyCVc8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567c9c13a8a-FRA
expires: Sun, 10 Dec 2023 17:06:08 GMT

GET
H3 200 405207559_696358035928846_8558002681145437979_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 14 KB
15 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/405207559_696358035928846_8558002681145437979_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7ebbac029af9f40b1878a53c69f15a1c91ee752461853a43c931181845eea9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216556
alt-svc: h3=":443"; ma=86400
content-length: 14488
last-modified: Fri, 01 Dec 2023 17:00:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcE2eK9IMxGuOep5uTf8jDGUmFvBkN7SD8L0ogTitWbvnxZQ24ga5ADSqPHvANSVgf3ovf%2FW3ndKbRH28fTPHmnS8hLthNECYLH7gduTFNm4%2B%2FwgXD4OFFzDubedhGPxIUZz5x%2BylyDKbqU4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567c9c23a8a-FRA
expires: Fri, 08 Dec 2023 17:01:51 GMT

GET
H3 200 404949543_856619319422411_3961054147974607434_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 9 KB
10 KB 15ms
15ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/404949543_856619319422411_3961054147974607434_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe331974000dc7ec851df29caced20ffd22d899ec4d16c82fad17278e9dfab20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222057
alt-svc: h3=":443"; ma=86400
content-length: 9723
last-modified: Thu, 30 Nov 2023 17:00:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRezvaA6Jgid8vWnXpMNylQ4zHzt183Hse0KeW%2BZLwAcvfzBXaDlCVtBd7au%2Fp2IRJui%2BpZdGmV2iNe5%2F6YzuTDtu4lES0boG%2FWKYESRPzNJk6PnR%2Bs%2Fx7%2F3jpxzMJsXWuTG6V1RLTrjbEyJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567d9c53a8a-FRA
expires: Thu, 07 Dec 2023 17:02:17 GMT

GET
H3 200 404596980_879721916838661_7952236425569460329_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 11 KB
11 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/404596980_879721916838661_7952236425569460329_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f08d4e81386e551d82b3b289422b4bec73c1db54f05aad91c9e69b89ca17dab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222056
alt-svc: h3=":443"; ma=86400
content-length: 10854
last-modified: Wed, 29 Nov 2023 05:00:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JiNqIp7XZijVfWf3s8Lv0J4Ptgglb8lN9mlP9RFbAT%2FL9dZTxt5lw5WzuA2cmLpWI%2B7adKu0r%2B2Gve%2F5xv%2BrZ9%2FT4SXi%2BCxtdj3tkBM1waoO%2Bv5GqM2ujPs9JWRRkjuAMx9a4UueVHdfRaa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567d9c63a8a-FRA
expires: Thu, 07 Dec 2023 22:10:51 GMT

GET
H3 200 404293402_1112570263065771_6081740697515157687_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 8 KB
8 KB 15ms
15ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/404293402_1112570263065771_6081740697515157687_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d61da53d67cd069189dcfdf21ebfb8932a6ee232d190755bb37736e434c76c96

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 394431
alt-svc: h3=":443"; ma=86400
content-length: 7979
last-modified: Tue, 28 Nov 2023 17:00:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8q6Ey4bT6brhz9xvAclSt0tEe2NsMRJV68wYucUAASIWKbZZ%2FUnaIDUQfL5E1vo6OuhqVryXv4xdajmJsWGyl1TAhHRuPo3gTuQR5cpxT8XXqJmOPDVmF8edCb9ddjDff0CeuiwOqsouiyn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567d9c83a8a-FRA
expires: Tue, 05 Dec 2023 17:03:20 GMT

GET
H3 200 404625934_996186834813070_1759538294953977913_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 5 KB
6 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/404625934_996186834813070_1759538294953977913_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89463a7f4fb1e3bf55f37f6e0a8d40342aa23cf8dedd3176b0c49ff257a28101

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216556
alt-svc: h3=":443"; ma=86400
content-length: 5275
last-modified: Tue, 28 Nov 2023 05:00:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOI6DRinrFTV99FtfWOjkl1QAtT7A%2BMQJuXZetJm3U1IV3VW%2BCm1cbCYGLhW8aPtY5o6UkqiFVsV12p9Wemtw0f7t2C%2BLsOumg1oLj8jtTXWqu1g%2FJiRHVlviSjXMTndIw%2BfmZVoTOfp3NXb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567d9cb3a8a-FRA
expires: Thu, 07 Dec 2023 20:02:30 GMT

GET
H3 200 404631781_375723248228657_3899407773195729530_nthumb.jpg
enlifesun.com/wp-content/uploads/sb-instagram-feed-images/ 8 KB
8 KB 980ms
980ms Image
image/jpeg 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://enlifesun.com/wp-content/uploads/sb-instagram-feed-images/404631781_375723248228657_3899407773195729530_nthumb.jpg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0946d8d45bc97fa8aaaf1f1966987db3263d141d0fdb674d958b7530cfe4e65f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/2019-12-03-1298/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7983
last-modified: Sun, 26 Nov 2023 17:00:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H69baSfHxJtb6N5xhj9RQwx7tAeRwLVdrw7S2JGp3NH%2FeA7K8Jnailchlq7g0sDEyHmWAgYvVjTX7dCkzxFKKkiCsSzCYRvqeTkgQMFiT%2BnpZKG%2BeeIwj4BVVCWQOkWCQjXTq8ENlDkPvtXI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 831b0567d9cc3a8a-FRA
expires: Fri, 08 Dec 2023 01:04:55 GMT

GET
H3 200 admin-ajax.php Show response
enlifesun.com/wp-admin/ 38 B
627 B 1117ms
1117ms XHR
application/json 2606:4700:20::681a:e28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://enlifesun.com/wp-admin/admin-ajax.php?action=achang_uv&post_id=1298

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7448f8b9522067d29bb6aa28bb3b6dc5d6de80dcbcf20cbf3ae20dc67bf031d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://enlifesun.com/2019-12-03-1298/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400
content-length: 38
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeK0J0Rm2NzPfFhrhUSgAxcNI8OJqnziRX1a%2FMwFhAONX6GcNQkSSwWKugDgalxGphmp%2BamreYfsYGzoCVFp7QmYKQcwyNaga9G7NqnFVpUfVXWAyBKuFHM7y26B2icZwest%2BfL0sFytIcsZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
x-robots-tag: noindex
cf-ray: 831b0567e9d03a8a-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 share_button.php Show response
www.facebook.com/v18.0/plugins/ Frame A7D0 42 KB
13 KB 93ms
65ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df221ab0efa5da64%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=78d63d478ecd20d09accbd12c5279f96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c6e6d519fc934ec729d321bf87edb7693f5303e5acf33f42c82ec73777a35e3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:04 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v18.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: dyFtKp8Z6wiCBpBz05aV54gvgQZXJn4TKHi3PB5KZ8Z2UfYIwi7Syf82R/5u3BaXrk2lTZV43536hg3bZOtMtw==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v18.0/plugins/ Frame 3D65 0
2 KB 59ms
35ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v18.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3cb8620611c4%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=78d63d478ecd20d09accbd12c5279f96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Dec 2023 07:23:04 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: 7RTZUwOnL7U4b1uqtPTEwMIlqUFaw9mtZM7oWOt8fP/RTSOfeW4m3s1gtIvcVe2r21EeiDmmpu0vDHt5iaw+7w==
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/v18.0/plugins/ Frame 4F06 48 KB
15 KB 378ms
358ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=78d63d478ecd20d09accbd12c5279f96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

403f3555d8786414686cabf253b525daf6ae11e934d98526886fccb85a053196

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:04 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v18.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: GZe3ZrelP1g+38zuvvxlPqzozsdfoP/+w8rgh8tk4cqUhe2E4067O2NeOQME/DHM+I4KJFwStwSGIotZ6IoVKw==
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 8EE5 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 05:53:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 07:23:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 8EE5 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 8EE5 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 8EE5 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:42:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 15:42:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 8EE5 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 19:43:37 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EE5 202 KB
64 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:04 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 8EE5 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 render Show response
affiliate.klook.com/widget/ Frame 4BD0 2 KB
1016 B 916ms
915ms Document
text/html 34.149.108.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

fda4f866e659cc61065b389be9cf2f938ea51b039d59bd08932275da8102b49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 806
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 07:23:05 GMT
server: ReplaceHeaderValue
server-timing: render-all;dur=1
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
via: 1.1 google
x-cdn-cache: miss
x-cdn-vendor: gcp
x-content-type-options: nosniff
x-download-options: noopen
x-kong-proxy-latency: 0
x-kong-upstream-latency: 3
x-readtime: 1
x-xss-protection: 1; mode=block

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame A7D0 272 B
519 B 8ms
7ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df221ab0efa5da64%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 272
reporting-endpoints
x-fb-debug: LCWR5mdf5Zh1GdHhJJFh7lHtJpn+ngNAkpP7BfBVpnkhqVVH1L7dOFrzVIuY2UeI5fxuiu53Y5gz2EgdB/mN/A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 00:35:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDBA 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Thu, 07 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6A87 350 B
906 B 65ms
17ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1451032
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDIMFPus2d9AG6%2BFXz4dhun62wgaVftpufJF9I4VDvlwBuxZXm%2F5cGNcJ2MLwsvRH9ht7KuQKtQXnRtImCymd18WAGXTuwWDI1DofOmYazwHVUVWx2SB8QsU0ucdStMNh55pcbZFfmmbUmgEkT7tG9XI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b05698f9a39d3-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H2 200 data=4ZvscBtJ7TAI92zV1vncjPTKOj1WrNP1aU-85Q56zARjDNeXEbIGgaG-QzBoYXucyK6Oh9UfjB4YbzAeQ0M9M_Cly-1EhQPFyg_Os9DikXOat_u_UwOIQ2iH6Bk
mts0.google.com/vt/ Frame 8EE5 111 KB
112 KB 65ms
8ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=4ZvscBtJ7TAI92zV1vncjPTKOj1WrNP1aU-85Q56zARjDNeXEbIGgaG-QzBoYXucyK6Oh9UfjB4YbzAeQ0M9M_Cly-1EhQPFyg_Os9DikXOat_u_UwOIQ2iH6Bk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c180314cc35a25d6b6ab952431721960402b355539071f75e69c31716f815da4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
date: Thu, 07 Dec 2023 07:01:52 GMT
x-content-type-options: nosniff
age: 1272
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114170
x-xss-protection: 0
x-server-version-bin: CggIBBDYscCrBg==
server: scaffolding on HTTPServer2
etag: 04302bfa56b3495ea
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 07 Dec 2023 08:01:52 GMT

GET
DATA 200
OK truncated
/ Frame 8EE5 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8EE5 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 96D7 94 KB
33 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/klrvWmGl/users/00000000.0000000000000?from=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=achang.tw&gdpr=1&service_id=10289&service_type=blog&country=TW&client_id=1598&lazyload_widget_ids=%5B%226Xg1eR7N%22%2C%22plqN36YX%22%5D&randomStr=93c6a542-150f-490e-ba31-9877204c5552&id=dablewidget_klrvWmGl_plqN36YX&category1=%E3%80%8BGO%EF%BC%9A%E6%B2%96%E7%B9%A9%20Okinawa&author=enjoylifeSun&pixel_ratio=1&client_width=740&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 09:06:30 GMT

GET
H2 200 ANyDMCEKMwQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y5/l/en_US/ Frame A7D0 528 KB
136 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y5/l/en_US/ANyDMCEKMwQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

441d3c0566b45133364c95590763943e82cd456b0658c1628c8a33f7807a1d7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TWQvpXQ0Sn5J58E5/Ura/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139240
reporting-endpoints
x-fb-debug: xX04G6lZaUy3RUxfsoVSgZdRKq9RpxzUvrRvte50Ef4pAwArKe7CAsoYQHYDW0gioEWJudQ3brQJKXZ6XPxi1A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:23:56 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 0332 2 KB
2 KB 21ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 704373
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 831b05696e8f9a09-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 07 Dec 2023 07:23:04 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4PaxtiBoV%2Fz1%2BHJeK2M5OdNk2dkqTq2NjW9%2FhD4uhRuTPlIBcGP2WrvhgIHxVF8Zwfw%2BDmiOzret7c50HXxw%2BxuuoPud57UuZ1v6%2BlW46FsnwjjZCcpD3ZGo5QQ%2BsUwOlwc5ss%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK AutoSuggestion Show response
sherpa.agoda.com/Search/ Frame BFD5 6 KB
1 KB 31ms
31ms XHR
application/json 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL: https://sherpa.agoda.com/Search/AutoSuggestion?cid=1640878&type=SquareCalendar&locale=zh-tw&keyword=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
Requested by: Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/js/production/common-scripts.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software: istio-envoy /
Resource Hash: e18486f0a822e66bcc1c73910cf2e15387830d2ca9a4607159315319cd75c752

Request headers

Accept: */*
Referer: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=4eMaIW8KhH0QiIBtmU7lGg%3D%3D&Language=zh-tw&Hg=395px&Wd=300px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=344779867757&Cid=1640878&City=18347&DestinationName=%E5%8F%B0%E5%8D%97%E5%B8%82%2C%20%E5%8F%B0%E7%81%A3
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:03 GMT
content-encoding: gzip
server: istio-envoy
x-envoy-upstream-address: prod-6c8c79db98-dqp7z
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
x-envoy-upstream-service-time: 9

GET
DATA 200
OK truncated
/ Frame 8EE5 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17a216a5e9f951bcc2f9fbe27e74ebb36c9168ecfaeb3934bc559811dc14d493

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CDBA 0
104 B 85ms
26ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBdRB0Uy9McKyixkhS4V1Ag&google_cver=1&google_push=AXcoOmQi5HXZoIiepNTw714YPYkSSlhTTydSi9kqFW97z_5WlAUKm8Al38d2xvD4BT-KxkZ0zMgUpSPTAQNSZv0esO8jvzy7OHfVnY8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CDBA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMa...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvH...

43 B
426 B

206ms
164ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 831b056d0dfe2bdf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 27
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENSMP3nRea59R7fO18jGle4&google_cver=1&google_push=AXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSddeTCAVIyq-Szwe-4D5AjpF4wIhE08fTe8d0B9fvROSJyms00KoAWQ_FDwRYbB2hYgjFQos91yris6aVSaHaAWj44tvHMaTM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 831b0569fb0f2bdf-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDBA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHTwoj5ez6T6MH_Ysrvbk_U&google_cver=1&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOLaNDM8RRlMK8csBmo
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F82A6A30FE498A9BB2B33B6A1B978D&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOL...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F82A6A30FE498A9BB2B33B6A1B978D&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOLaNDM8RRlMK8csBmo

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 07:23:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68F82A6A30FE498A9BB2B33B6A1B978D&google_push=AXcoOmTS-JtcDvy171PNFjcSivX2rjVCoV98CcI5hoQSXijSe0g4ShOquiO-FcUqpft9vmhSlV4ow8idTQeElOLaNDM8RRlMK8csBmo
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 06 Dec 2023 07:23:04 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame CDBA 43 B
145 B 17ms
15ms Image
image/gif 35.157.241.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA6kuwL2IP4YhVViXClPZwo&google_cver=1&google_push=AXcoOmQYzneAgpVy_kGzv-Ox4sPUWzTjaitFfEl3x8VvI-6mOwKjczM9v5uscaCOy-z1zik9R4MZ5--oUpFbCYCB6JOzA6dgigLJSdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.241.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-241-1.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDBA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECiAyhf3d5AOlr_IeqLQGEk&google_cver=1&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuoxv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuo...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuoxvmiVF6ztttf9Qvqg-mJgGzw

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA0MTg0Mjg4NjI3OTM2NjgxNg&google_push=AXcoOmQc4zXYwrtXQ7s7gV_GsP9KHnP2Xy81QVtviYJ4adEBY4BmNGTpHRSzwadLELczsuXyRJSZuoxvmiVF6ztttf9Qvqg-mJgGzw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CDBA 43 B
363 B 66ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTTKanS7MRlaAIhCTorJKgS7FGNhLVUwEEtLVYWw9zgoz3-xgc0R1HvuhngCTVLstLZn7TZteRJt0zoPozb-HWhj9dv25sLPeQ&google_gid=CAESEO4rgkxLZjaLcvq_SMBbEYY&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 204734
expires: Thu, 07 Dec 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame CDBA 43 B
297 B 452ms
25ms Image
image/gif 2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF398mwaPMq-6mm3pAQ7rmQ&google_cver=1&google_push=AXcoOmQ1xOFc-nrO54fAfXu0pVRRzIfuWhzPum61so7GiXDFkl13b2rpWWXSiJVmaV5cSv6QbWcjxmzCkq479_cHgyGXFL5eqgbUbDY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=600&slotname=7831277963&adk=3917643145&adf=2568307619&pi=t.ma~as.7831277963&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783563&bpp=7&bdt=1075&idt=7&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280%2C300x600&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&psts=AOrYGsnLVSUdzrOy9sEzrdWyRqlfHDau4ZZ_QFRLl7zNFPH8Z1qqCz3mgxf3toPXkTH3c8ldweWYXXczKQBwcQ&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=2&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CDBA 0
12 B 23ms
23ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km4HWZolSjqkq677D8sn35AEE4YWd5ofTVvKdiqiRYlghYIEGSWWhEqEQn51MteTyVl4yo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8EE5 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options: nosniff
age: 203883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BBE1 0
19 B 68ms
68ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaqvA13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT5AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwuiZn-ke-Rdit2ijg12zOV6EOwIsXNFcvjbBHJv6llfSgTErf8G2f4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzY3OTY2ODY5MDg3MDAwGAA&sigh=R6c5884wEk4&uach_m=%5BUACH%5D&cid=CAQSPADICaaN0H8yfX6NWBCb6aX3Uf9pZBwrf6UshCciiRz3SCO63B8OhuZxeidBhvIo8ba7N-obIv752fhpshgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame BBE1 0
103 B 45ms
18ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jdndy183v0qfvx7gxpbp8f2we5r1t34h9qxnch2cf8v6r6jgba7dv7wr37jrvr6e9wxpcevzjtxkewq809dj798qcxkr0dvvd00m1r9yr967c9279482yycj7w4bzd4xxhctsnnd54ttk6mhsthnrde2nq12y3bgx5nmjkyf1b6n3gkncn2k2bbh4s5w7d69tsxsrg1tw47qstnv17kkbnxb5mbyt5001q7tz4r48svvfk8yh40frvh5dd6hwpgvd7tsy2fgqqpjhajc0jzta4q1795w2rwj2d9gqb9hsqh4chnjg1jqwkcfctdk3dt5yjkzgppfej21qc0srw91qc9zkrcv5sv0y3vdaeb7y51yx3te33q6f4x2zmgqvvjtaxt25hyvzzk1xr&b=ZXFy1wAIwRgI9koMAAZjYL7IHmoXyQMfNt7yrg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9767966869087000&output=html&h=600&slotname=8217896942&adk=590758911&adf=1377084525&pi=t.ma~as.8217896942&w=300&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=300x600&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933783530&bpp=18&bdt=1042&idt=18&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8bcff94d7c55e5be%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg&gpic=UID%3D00000d0caf8136a9%3AT%3D1701933783%3ART%3D1701933783%3AS%3DALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw&prev_fmts=0x0%2C740x350%2C740x280&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&ga_cid=1555568801.1701933783&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=372830667&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:23:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8EE5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2W7i13JxZbC2KY7bn88PzNKbiAj89Yu-dPfHyIH2EWQQASD92PgiYJXikIKgB6ABvIbNuijIAQmpAsba8cf4DbI-qAMByAPLhICABKoEmwJP0OGpnVoRteJvYzkqdM4ljqlUKuj_mwnmybS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212244606111181863934%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_re...

0
0

49ms
42ms

Fetch
text/css

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212244606111181863934%22,%22debug_reporting%22:true,%22destination%22:%22https://brautboutique-katharina.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210860315452%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214800182668319673425%22}&andc=true

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12244606111181863934","debug_reporting":true,"destination":"https://brautboutique-katharina.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10860315452"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"14800182668319673425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 07:23:04 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12244606111181863934","debug_reporting":true,"destination":"https://brautboutique-katharina.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10860315452"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"14800182668319673425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C39 50 KB
19 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:56:49 GMT

GET
H2 200 posts Show response
provider-prod.mdeianet.com/api/ 193 B
298 B 788ms
255ms Fetch
application/json 18.136.11.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://provider-prod.mdeianet.com/api/posts?key=38d0e5f4-d199-4a6a-ab15-f51eaef0426f&pathname=2019-12-03-1298&search=
Requested by: Host: api.mdeianet.com
URL: https://api.mdeianet.com/api/js-client.js?key=38d0e5f4-d199-4a6a-ab15-f51eaef0426f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.11.74 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-11-74.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: b301b038d25ecad92b0cd36c22815a6721cec40cefcfca0e6c302feff4189db2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:23:05 GMT
content-length: 193
content-type: application/json; charset=utf-8

GET
H3 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 4F06 20 KB
5 KB 16ms
10ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: 9X8mKo3oJww9vIytvVr3M2XXXCrpInaRVyCtT4p52NHgVbjX6jfm8uQ7dOlMr9lpMbUhtDieATjLjX5DVA5UHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Nov 2024 09:16:59 GMT

GET
H3 200 Vk5nuQ1qWIw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 4F06 354 KB
92 KB 18ms
12ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Vk5nuQ1qWIw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

017e8a139ce78047066528a3ce36405a19836764a7cf55755b29c5a0a94c0a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v2pcvJGG+kEYMAiOFPBiPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93672
reporting-endpoints
x-fb-debug: uUy/mh5rGAXvUtJSxQ1MR3a7wESneeQ7X7m6r3jkqiOaDbTY80x/loi6vew4wrnHykh0xhoJYEFbkPjdegzvTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 19:23:11 GMT

GET
H3 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 4F06 7 KB
2 KB 21ms
15ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: jQN9pCNXEC2wgRBmtjOn7H0P42EaVjQzgJgVegZl437pMDqUXdoC2Myfg2+cTrlD0HtOriod4PcYX7HEmQ05Jw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Nov 2024 17:50:19 GMT

GET
H3 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 4F06 94 KB
27 KB 34ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: +6xjwS8Y7YiUKTtskv/px88grrtOj1zTGUFCG80xqEtL9Xjz67u56hGual3qQMzBP17ztMMrmtb6xfCfyp7/ag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Nov 2024 21:44:39 GMT

GET
H3 200 NzLu2EgdNec.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 4F06 52 KB
17 KB 72ms
67ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/NzLu2EgdNec.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZzTJ+p/dtUbDbk1794DOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16835
reporting-endpoints
x-fb-debug: 3emvtr274wRtI9nxlAsflIrYYYnwFQQYSM9lQ2N10ZA/ps/89sctHbYSdiGCB/+O0+z40HVC1QPEqzQog+gFpw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 17:34:12 GMT

GET
H3 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/ Frame 4F06 70 KB
20 KB 73ms
68ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7796762cda084fb07a08fb94e042ee6607188d30fab7ff1ed28a2ef2352ee08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6tw+PZbsYkf3VnFHHzcGyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20053
reporting-endpoints
x-fb-debug: 8I0WwY0rsjBJuBV+1QonXNZgPdrgaA2JcsJ90bOrzzGVvP4+IdbQ19SgOJwhzSo0tbe+xXhsC2EGwY+5a4g+Rg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 30 Nov 2024 23:20:11 GMT

GET
H3 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 4F06 507 B
430 B 82ms
77ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: pG6FoPJqQZxp5tjpXVi0Y9q+DzA3cBlpJXW9lMIqccdenVR6XilMB96CdiCmi1AC1GHPNnzsXNeJhma+iY4yLg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 24 Nov 2024 16:46:16 GMT

GET
H2 200 274997856_501343911363063_5906233254274225885_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 4F06 13 KB
13 KB 88ms
79ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/274997856_501343911363063_5906233254274225885_n.jpg?stp=dst-jpg_p206x206&_nc_cat=109&ccb=1-7&_nc_sid=081abc&_nc_ohc=ap4aN-4RRBAAX-zLW00&_nc_oc=AQnoZv8MNn0uTRMwGc2nEUkDGmyTHzbkQgDBiAVr4gfAOmg-BvQPXRU8MfIzQ4m4pFo&_nc_ht=scontent.xx&edm=AIy5uYwEAAAA&oh=00_AfCiq04lktnnwFKyScaqTNWUX2fSJMYUhVBBQyRINGtsMw&oe=6575E9A9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 24d4074e445b349418926a124c090c52f57072dc71d3eba96550ea964367bc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 01 Mar 2022 13:38:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1017816051
thrift_fmhk: GBBH/SjAIbF3YxBzMUBVi+WpFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: NF3Cbd3XmR6pKx5oQ0CtD9TfhI7UiYOMG9kA536REWBAPDLV-QQCFZSqdPdnIyTxUhKJk0maCD47yJwi80fsGJsTJHRrIm5svEtDc2Qv0bA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4123308661
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13381

GET
H3 200 148431436_264082368422553_8300409616781138307_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame 4F06 965 B
1020 B 48ms
46ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/148431436_264082368422553_8300409616781138307_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=db1b99&_nc_ohc=vjg34QzdxB8AX9ER3oS&_nc_ht=scontent.xx&edm=AIy5uYwEAAAA&oh=00_AfB8OM2vPozzbTHOSaeVgRtx1eC-RBzCf1PdVrTK_Ykvfw&oe=6598E26B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 79f95a8b8a577d527c5efc77e874a9189fd1f074deccc3e324e8fcba710bd676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
content-digest: adler32=1019797474
thrift_fmhk: GBAfDbPXVhlZjheAH8kgxUzcFfDr4Z0EAA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 965
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 13 Feb 2021 07:01:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: iv69n3ELeZbsiojDL0BsfEQ2CAJhLVQE2vl5UuYVT6e1MryHJMykg-wwrzNWflNp3aHOpFl3g_73dCfDNheX0XGMBiRLBbBlABpkKqdqaEw
x-needle-checksum: 2745656634
accept-ranges: bytes
timing-allow-origin: *
priority: u=3,i

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 68ms
62ms Preflight
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 6A87 2 KB
2 KB 34ms
33ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48b2ffef8d6a49c7ee63d5b570d4c1325e380109534b01093e9d95365c05c4d3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Dec 2023 07:23:04 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r62I%2F%2BCPwLqm5ujokiZ2ZiWsiuoo2wXOrMBzh5CPSHqRZsFd6lT0Jw6FlQUHcqfP6qKUQeHCrfsBpI2tXYJJoS%2BF5Dt1QEqseg8LNzYnzIGM1mdy0q683z3B3uNELk2Sw6VAD6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 831b056b282637c6-FRA
x-backend-server: aa-reachservice-group-europe-west1-kt8g
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 85ms
29ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b056afffc37c6-FRA
content-length: 24
content-type: text/plain
date: Thu, 07 Dec 2023 07:23:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bpo0xn2HeGcY11rB9Cf2RzGFWXgOz0NYN07h7jNXL9Bp6zH00f1zWwioa7p77wS8gzhIApU7bGwxqzDWORWpSbaRNL66dd4ApOxSHgSiaN91Up9%2FMlRs%2BJlVFbIw%2BnoBUT6Evk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-kt8g

GET
H2 200 / Show response
news2.newaddiscover.com/videoads/ Frame 0801 7 KB
3 KB 1049ms
993ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a83ec6e64ed7286b0de6c85b27e0553fd9ac3a7dbe08d538a6ecd6c36d553a6

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b056c6f9ff184-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gub71qnVvWherFCmCw9pSO1Zwei9oAKpuCaVjY1SogvhCzISO59W6ZHNH5RTzIP7APfVD%2FiIaggRfdzxC%2BtOUXai8dYOXs1DeYalphhlVO%2B3JdiH8Gz5dBYxsh53Yl3XZggLXfA9jYu14gFvn360S8R2isG3cw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 4F06 573 B
710 B 9ms
8ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:04 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: nS5u1bFlnRp+uO/HSs8wSlutqbjvQxYmqBZIgeaNsXe+km+rB0IdpW6iKbRAYfas/H20VIMJm/PMue3lpqsm/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Dec 2024 05:05:01 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8E51 9 KB
4 KB 34ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3e249ed2bb3c5127daa624fc8605621fe3d7251116446c48fc18bfb2eedb72b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hgfax4kbfadcanqsqs9s0vf5hey30tyva225yx4rn1hy9sjr8kmtm02yfa2nsetq3we8cw3p9rymakt2xccsxhp9nxcny2d5fn24sbvemyqw8tpn4ej1xgxs8mq69ft67jmgrwqrkkn3k6dgxcghnet5bj5whd4bj91bq9h5v46cp3enmwh84rnge1hykqpscrsgekc9hxyqnj2hwhw0cc56w9gn0yjv4wqrr9pvs11k068ejmwf0p8yhwnjyzs1tpeq1fmns0mdyhfw61ggxjebghr9h1p38nw5v9s91z3ap8a22rpxhsc6652v2xc7ygrzr5qagv31wdfk5xbkxv22wf75tvf0nfkjp3mrq3ykezwqnbyfccpwrnkkwgxz1tewyjzrbjafxwtx9fffyedpxdkryc3hwg2sbw5s4y1455vj14d81wxypef8nmxkgvxt7kxx4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%26client%3Dca-pub-9767966869087000%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 831b056c194d9a09-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:04 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

POST bz
www.facebook.com/ajax/ Frame 4F06 0
0

GET
H3 200 page.php Show response
www.facebook.com/v18.0/plugins/ Frame 3F6F 48 KB
15 KB 81ms
81ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=78d63d478ecd20d09accbd12c5279f96

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0993545e75c46b6d6e5e9d3ab9604c54418ee110833de50d60473c8060393802

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:05 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v18.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 8P5Ju0SJgSmRhwWpjkxTRMkzCt/F+iaQF49w8A1EeLuDb/NCrb8RdZK0KyiFMN+vU2uZTsXDIJOuoHE7IoKk+g==
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8E51 115 KB
14 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2180005
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4M54lg4gssAJXUatbmdJ7fSfGhlAq8LsT2iayxpIxussVZzeEiPaaWToWHVZMHimVhhF%2BQRWlJDtB5lj5PUUXLjZJNjM5otyiEjqqalR3%2F3cMT1q5JrbXKhEAsVt1ji8PowwYEqB4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 831b056c59909a09-FRA
expires: Fri, 08 Dec 2023 07:23:05 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8E51 9 KB
9 KB 35ms
20ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2342917
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAjk%2FcwAHi8tx83woKYFcGJNjE6IJDqxiyimhN6bSwSgyo0viEXMxV4E1YEKnp7hKXBoehDZUG0pLLRlAhShzyFpT27SvTpe0A5Hqf1hjYfsqQlqh2geRZ66ptD4byZCw9YYnnqftTB53goS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a4c3615-FRA

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame 8E51 22 KB
22 KB 35ms
21ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2319736
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 22596
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:47 GMT
server: cloudflare
etag: "80c578a48f16f48e135bcb3d2ea2c9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjRW5OFBtSsjX5%2Bjcb0zGe5xshV8suiF0NQqw5DX9D6sM%2FQoPFgRJW6vd2huOtIG4viWpb2NLLE1GzZEOsUUFTvOOy4PF2sp1b%2BEQ0Hphfk3vJVi6wWyDcWUsRFNo2m8dPWzCfuJ%2B5ZsT4g3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a423615-FRA

GET
H2 200 2aed39855b5f46b777481d90b61d111f
pv.medialead.de/trck/epv/ Frame 8E51 0
327 B 455ms
18ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8E51 4 KB
5 KB 34ms
21ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529263
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaRycK%2FZbT9OsuqpjvOgQobfm07%2FxhQYWlaCIKQYnOVpmiC87NfedGDGJEi%2BWIMlP%2FARx3mbv9xnABBi6L3Y0g8XsODjX%2FkBsYLBggyLTe%2BDccZLzAUpSHwKQuscyY7OKT1Ueaia8LoBPPJE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a4e3615-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8E51 15 KB
16 KB 35ms
22ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 779370
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE1%2BdCKWjWzq%2Bgs1JiYkuNcpOnf6IVlpmMDAwajShD70%2FjirwhPiIV7Q5oKS%2BTO%2BY7WIm0MDOAm2iXZY45oFKtvbcQFjvDjPm8bFMZa7JwIEDxXw5t7d7fHHfpsxyTlq5oHxmrI4XofP%2Bf57"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a493615-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8E51 43 B
704 B 80ms
55ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 07:23:05 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8E51 2 KB
2 KB 39ms
26ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 693854
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNaE%2F64pIhOH%2B%2F%2BoXHd%2BJInKbndENwciY%2B0%2BbiBhMAZuH%2Bn18BBw2UuW%2B18c6pyJ3NVHB63CPTNgiuyWxk6tuMTaDdUoVg%2FgoV3OGp6%2BEFO6BqprJbjZsceeR%2BcFDhMnND9BkdSNREXI3UKW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a463615-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 8E51 23 KB
23 KB 39ms
26ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=600&e=&g=d78420c628993336a011cfd28963d59c%2F11946679147902475734&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701933784824&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2vjm7q8hkemkc51x3v89fpv2tajgf8vmj8pd7a8rzx8btq6efa91f9nyvv9p3s19vgm0mby8cg6mqj0rvcddeemyhbtk9fyb291tpzk67z3hhxwdexrt244pfrkq9kt0999s31tg3m1n2ksaztk969v0xvh55gx1rv0czby9epw3pj22yzxxtvqgke80x96svyr3qtn3etrdp96ke90n8z2a060ccvkm0w0pv2bcdwt67ga0mgghm3jjh3xwx0wdede6pwyfr2dxcajcecn2pj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzrTe13JxZZiCI4yU2fcP4MaZOJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3Njc5NjY4NjkwODcwMDDIAQmpAsba8cf4DbI-qAMByAMCqgT8AU_Qd8p5mXHH8HRRqFrBRFnhGtNRE8dHVUnBKJz42THGeYa3R4GgBjv03SeEiWp6P2jTrCbB0JtTZWPJdJuTQ9A6GRe-hqZ_swxl42j5_G-7oynCHS0_qQum2-iHH27CPBjeGAP4w642BJoD_91GykknxIr2TNd9FMNSwuRxfX__yCoeP95qtiqjj-uBe-90sSU6CYCj3UFgVaAs1tilYHxrZJAB1kOQmZz1m5S2M63kFJqYLCApOs6a_SK8nEr2Zm-2ylp1mb_HFNENJ0MrX0MSwujbnciMLu7l96Aky8tpcMx2AhYm8dtyputB3tJobsPMrSn-o172tyBC6IAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5iee05fyCA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_36_bsSZ2cym9Fsc74TZg0xVvky4A%2526client%253Dca-pub-9767966869087000%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2162718
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOCIRTvM9nxkSnSyQMF2UcUMslQWikw1ivWv01udmNucFStbtF%2BH0NqAg%2BfhCkAFKaLdcUeObtWj50CJ%2Fc5mvtp7CPymE5RP5ICa1uaO2boWCCywpuQe9n9%2BbvrcyutJz%2F3sOjGvpQgaxgJX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 831b056c6a4f3615-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8E51 43 B
704 B 88ms
63ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 07:23:05 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 496ms
496ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:05 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Thu, 07 Dec 2023 08:23:05 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 169 KB
88 KB 1176ms
640ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&&device=pc&media=achang.tw&extra=windows&agency=adgeek&topn=50&ad=100&r_category=all&country=tw&redirect=true&uid=7c30c0327ee8917fb071701930185055&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjYyIFNhZmFyaS81MzcuMzYiLCJ1c2VyX3RkX3JlZmVycmVyIjoiIiwidXNlcl90ZF9wYXRoIjoiLzIwMTktMTItMDMtMTI5OC8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU2JUIyJTk2JUU3JUI5JUE5JUU2JTk5JUFGJUU5JUJCJTlFJUVGJUJEJTlDJUU1JTgyJTk5JUU3JTgwJUE4JUU3JUE2JThGJUU2JTlDJUE4JUU2JTlFJTk3JUU5JTgxJTkzJUVGJUJDJTg4JUU1JTgyJTk5JUU3JTgwJUFDJUUzJTgxJUFFJUUzJTgzJTk1JUUzJTgyJUFGJUUzJTgyJUFFJUU0JUI4JUE2JUU2JTlDJUE4JUVGJUJDJTg5JUVGJUJDJTlBJUU4JUI1JUIwJUU5JTgwJUIyJUU2JTkzJTgxJUU2JTlDJTg5JUU1JTg1JUE5JUU3JTk5JUJFJUU1JUI5JUI0JUU2JUFEJUI3JUU1JThGJUIyJUU3JTlBJTg0JUU3JUE2JThGJUU2JTlDJUE4JUU2JTlFJTk3JUU5JTgxJTkzJUVGJUJDJThDJUU4JTg4JTg3JUU1JTg1JTg1JUU2JUJCJUJGJUU3JUE2JThGJUU2JUIwJUEzJUU3JTlBJTg0JUU2JUE4JUI5JUU2JTlDJUE4JUU1JTgwJTkxJUU0JUI4JTgwJUU4JUI1JUI3JUU1JTkxJUJDJUU1JTkwJUI4JUU2JTk4JUFGJUU1JUE0JTlBJUU5JUJBJUJDJUU3JTk5JTgyJUU3JTk5JTkyJUU1JTk1JThBJUVGJUJEJTlFJTIwLSUyMCVFNCVCQSVBQiVFNSU4RiU5NyVFNyU5NCU5RiVFNiVCNCVCQiVFNCVCOCU4RCVFNyU4NCVBMSVFOCU4MSU4QSVFMyU4MCU4MiVFOCVBNiU4RiVFNSVCMCU4RiVFNSVBRCVBQiIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJlbmxpZmVzdW4uY29tIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTcwMTkzMzc4NTA1OCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_9aca3bde759c
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 314e9922a93c4545cfe7761dfd173c0b6febdb645851caa2db613924bb4a1c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H2 200 track.js Show response
ad.tagtoo.co/media/ad/ 6 KB
2 KB 54ms
3ms Script
text/javascript 34.111.12.34
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tagtoo.co/media/ad/track.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 34.12.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c30f226d1fcb38de7c5c6ec05adf908871464f384ce021f7eff8f9336429f560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:01:38 GMT
content-encoding: gzip
via: 1.1 google
age: 1287
x-guploader-uploadid: ABPtcPqkSDD1w9EQy6C6YOYjV_5hfAILRA-bOcHrRkqzJcnPLc2AVyOPsQ3BpBp208j5NYX-h-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1796
last-modified: Tue, 21 Nov 2023 07:02:05 GMT
server: UploadServer
etag: "3dddf24656a4e298268f821f84907276"
vary: Accept-Encoding
x-goog-generation: 1700550125482968
x-goog-hash: crc32c=OrAyDQ==, md5=Pd3yRlak4pgmj4IfhJBydg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 1796
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 07 Dec 2023 08:01:38 GMT

GET
H2 200 tuec.js Show response
uec.tagtoo.co/ 1 KB
1 KB 55ms
5ms Script
application/javascript 34.107.150.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://uec.tagtoo.co/tuec.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.150.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3302ea2420bf26ca5e2e7b4fc40613b8894b977c77cb1a03d7dba00d05cb9228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:05:30 GMT
content-encoding: gzip
age: 1055
x-guploader-uploadid: ABPtcPpsXgE58G0LJHuI0GR11gxurknCPQTiYYl_1M0LFKUsnHoSlK8eI6HB6P1eFzDPCZKcHOI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 715
last-modified: Wed, 06 Dec 2023 06:56:11 GMT
server: UploadServer
etag: "09cb7a38ca39d1d958aa2ff92a8ccb1b"
vary: Accept-Encoding
x-goog-generation: 1701845771444754
x-goog-hash: crc32c=0r1hBA==, md5=Cct6OMo50dlYqi/5KozLGw==
content-type: application/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 715
accept-ranges: bytes

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 979ms
499ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:05 GMT
x-amz-version-id: rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 06:45:28 GMT
Server: nginx
ETag: W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Thu, 07 Dec 2023 08:23:05 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 783ms
258ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS42MiBTYWZhcmkvNTM3LjM2IiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJhY2hhbmcudHciLCJ1cmwiOiJodHRwczovL2VubGlmZXN1bi5jb20vMjAxOS0xMi0wMy0xMjk4LyIsImxvYyI6Imh0dHBzOi8vZW5saWZlc3VuLmNvbS8yMDE5LTEyLTAzLTEyOTgvIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjYyIFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkifQ==&t=1701933785060
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 783ms
258ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImFjaGFuZy50dyIsInVybCI6Imh0dHBzOi8vZW5saWZlc3VuLmNvbS8yMDE5LTEyLTAzLTEyOTgvIiwidWlkIjoiN2MzMGMwMzI3ZWU4OTE3ZmIwNzE3MDE5MzAxODUwNTUiLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNjIgU2FmYXJpLzUzNy4zNiJ9&t=1701933785063
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H3 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 3F6F 20 KB
5 KB 16ms
15ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: 9X8mKo3oJww9vIytvVr3M2XXXCrpInaRVyCtT4p52NHgVbjX6jfm8uQ7dOlMr9lpMbUhtDieATjLjX5DVA5UHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Mon, 25 Nov 2024 09:16:59 GMT

GET
H3 200 Vk5nuQ1qWIw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 3F6F 354 KB
92 KB 17ms
15ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Vk5nuQ1qWIw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

017e8a139ce78047066528a3ce36405a19836764a7cf55755b29c5a0a94c0a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v2pcvJGG+kEYMAiOFPBiPg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93672
reporting-endpoints
x-fb-debug: uUy/mh5rGAXvUtJSxQ1MR3a7wESneeQ7X7m6r3jkqiOaDbTY80x/loi6vew4wrnHykh0xhoJYEFbkPjdegzvTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 19:23:11 GMT

GET
H3 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 3F6F 7 KB
2 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: jQN9pCNXEC2wgRBmtjOn7H0P42EaVjQzgJgVegZl437pMDqUXdoC2Myfg2+cTrlD0HtOriod4PcYX7HEmQ05Jw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Nov 2024 17:50:19 GMT

GET
H3 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 3F6F 94 KB
27 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: +6xjwS8Y7YiUKTtskv/px88grrtOj1zTGUFCG80xqEtL9Xjz67u56hGual3qQMzBP17ztMMrmtb6xfCfyp7/ag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Nov 2024 21:44:39 GMT

GET
H3 200 NzLu2EgdNec.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 3F6F 52 KB
17 KB 28ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/NzLu2EgdNec.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZzTJ+p/dtUbDbk1794DOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16835
reporting-endpoints
x-fb-debug: 3emvtr274wRtI9nxlAsflIrYYYnwFQQYSM9lQ2N10ZA/ps/89sctHbYSdiGCB/+O0+z40HVC1QPEqzQog+gFpw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 17:34:12 GMT

GET
H3 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/ Frame 3F6F 70 KB
20 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yK/l/en_US/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7796762cda084fb07a08fb94e042ee6607188d30fab7ff1ed28a2ef2352ee08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6tw+PZbsYkf3VnFHHzcGyg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20053
reporting-endpoints
x-fb-debug: 8I0WwY0rsjBJuBV+1QonXNZgPdrgaA2JcsJ90bOrzzGVvP4+IdbQ19SgOJwhzSo0tbe+xXhsC2EGwY+5a4g+Rg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 30 Nov 2024 23:20:11 GMT

GET
H3 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 3F6F 507 B
430 B 33ms
32ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: pG6FoPJqQZxp5tjpXVi0Y9q+DzA3cBlpJXW9lMIqccdenVR6XilMB96CdiCmi1AC1GHPNnzsXNeJhma+iY4yLg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 24 Nov 2024 16:46:16 GMT

GET
H3 200 274997856_501343911363063_5906233254274225885_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 3F6F 16 KB
16 KB 38ms
37ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/274997856_501343911363063_5906233254274225885_n.jpg?stp=dst-jpg_s350x350&_nc_cat=109&ccb=1-7&_nc_sid=081abc&_nc_ohc=ap4aN-4RRBAAX-zLW00&_nc_oc=AQnoZv8MNn0uTRMwGc2nEUkDGmyTHzbkQgDBiAVr4gfAOmg-BvQPXRU8MfIzQ4m4pFo&_nc_ht=scontent.xx&edm=AIy5uYwEAAAA&oh=00_AfDL0maxBQ0YFi883gU8kHGX2G5CdGZpLhcFLS0uDMfcMg&oe=6575E9A9
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0ea77f61c292775d52575878141e552fae455f7587b0cb61ca55e50c3ae7ad47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-digest: adler32=2785325994
thrift_fmhk: GBBlDD2LKM2+Ukyuge7BwkRPFfDr4Z0EAA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16423
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 01 Mar 2022 13:38:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: BC8zkN8tX4DmMnCdcjYs0I8wP8bBP9Hdptd5MtjHmQosYw87s9TqDjElEnpdQKZK7SQKqRVXGFr8iaGuKAzQv-EHqNshxJF-5Wu76nbu7lw
x-needle-checksum: 4123308661
accept-ranges: bytes
timing-allow-origin: *
priority: u=2,i

GET
H3 200 148431436_264082368422553_8300409616781138307_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame 3F6F 965 B
1016 B 8ms
8ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/148431436_264082368422553_8300409616781138307_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=db1b99&_nc_ohc=vjg34QzdxB8AX9ER3oS&_nc_ht=scontent.xx&edm=AIy5uYwEAAAA&oh=00_AfB8OM2vPozzbTHOSaeVgRtx1eC-RBzCf1PdVrTK_Ykvfw&oe=6598E26B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 79f95a8b8a577d527c5efc77e874a9189fd1f074deccc3e324e8fcba710bd676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 13 Feb 2021 07:01:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1019797474
thrift_fmhk: GBAfDbPXVhlZjheAH8kgxUzcFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2745656634
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 965
priority: u=3,i

GET
H2 200 3134.js Show response
ecs.tagtoo.co/js/ 64 KB
20 KB 43ms
10ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/3134.js
Requested by: Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:28:49 GMT
content-encoding: gzip
age: 3256
x-guploader-uploadid: ABPtcPro9SDjmbADWrg-ttDoQvh-qPN_Xsi1QTY2JuayPnkyDX5ZfjH60fNNZvp6gsWBXq0ugFEMYm886A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20110
last-modified: Wed, 06 Dec 2023 04:54:12 GMT
server: UploadServer
etag: "c850b80896c41c8272295a934e2f4145"
vary: Accept-Encoding
x-goog-generation: 1701838452348554
x-goog-hash: crc32c=Lcx2rw==, md5=yFC4CJbEHIJyKVqTTi9BRQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=5400
x-goog-stored-content-length: 20110
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 07 Dec 2023 07:58:49 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 3F6F 573 B
710 B 8ms
8ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: nS5u1bFlnRp+uO/HSs8wSlutqbjvQxYmqBZIgeaNsXe+km+rB0IdpW6iKbRAYfas/H20VIMJm/PMue3lpqsm/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Dec 2024 05:05:01 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBE1 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4wpUV-QmpXzOOpitmBHyHZAziUK5n7M4OK2d1yLstYhtwSZPIIvCwpT-bkhLPwHD5XlCDNhoOxt1ufvdVk18z1xQ-G8n4UN8Z9XvehlpEQRmQVPKD-w&sig=Cg0ArKJSzLl55eoanVpXEAE&id=lidar2&mcvt=1028&p=0,0,600,300&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=590758911&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701933783552&rpt=580&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4EE 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssO1izgYLiZHk2_3DOn-8IZ_Rtrikk3rfDO2nQmofyoPZn92nEx-DMBmNWGWdZ183dB7mer3sNBqO4EVHs8VnpKlTCKIopgeIH6SfCe0ZSPjPugSsgAi67b5OW8M4uTtn9c3O--ytQp3s2h&sai=AMfl-YThmVzZFKQS2NS0HpRc9z93onhdo-2KYnAw4-gTTYVA3aUJC6sfgpLLuj3U2mMEmXE8ibCjWyDLX-zxNEpabcQAi0putByjXiWU1slP8veKfskcD0H3A4pruY1V0Rlo2qN69HcAUjciGzPnyWVKH5-8IoqzLwd8dLE&sig=Cg0ArKJSzHpWxlTnYAb4EAE&cid=CAQSTgDICaaNCeSHw0bKZaCVCTrfGDPjKwl2dc9JLtoZfXhi4y4HzhiohUxXPhI-YGfWPZkpWvM6ki5bIxQAlF_DK3Js_6Uj-UgkmH85qDriPRgB&id=lidar2&mcvt=1035&p=0,0,350,740&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3900778249&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701933783095&rpt=947&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 unitrack.js Show response
ecs.tagtoo.co/js/ 26 KB
9 KB 19ms
18ms Script
application/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/unitrack.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:29:24 GMT
content-encoding: gzip
age: 3221
x-guploader-uploadid: ABPtcPoaDMSV96eYZUvcRujJuXq7k2k03HBLxY8T3BRyPzvOw6AQsaGuD80j9yo3IXKHBuSEDkk
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8725
last-modified: Wed, 17 May 2023 07:38:52 GMT
server: UploadServer
etag: "ccd513edbe3eb66c17d73c94d6462526"
vary: Accept-Encoding
x-goog-generation: 1684309132134575
x-goog-hash: crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public,max-age=5400
x-goog-stored-content-length: 8725
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Thu, 07 Dec 2023 07:59:24 GMT

GET
H2 200 chunk-vendors.4e7d914d.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 4BD0 345 KB
129 KB 38ms
22ms Script
text/javascript 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.4e7d914d.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2449a4c8476c8541fc2e09d7c08ad26fc9ca9d5e954fbcf698bbfc7f12980a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 08:32:14 GMT
content-encoding: gzip
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: RF48ZF310JMAJ7NF
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 3797451
x-cache: Hit from cloudfront
x-amz-id-2: IZo7kcTNzaH8imuxe/lbwjTLQ0UKodsW/aVAiYvsQEBFaXeTL3C04oYxbp2qbPw0QsmN2jzmLnA=
last-modified: Tue, 24 Oct 2023 07:55:04 GMT
server: nginx
etag: W/"08347aaec41992d5f1753b1e56e6571c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: TvD9_FEuKU205ng-qNlYhFLmdayFR2bbTq3PRoDv-YVnBR_si401cA==
expires: Wed, 23 Oct 2024 08:32:14 GMT

GET
H2 200 chunk-common.743fca44.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 4BD0 32 KB
13 KB 34ms
19ms Script
text/javascript 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b8265f85dc657617d56d9de1c9762203d13e30646a40ee2f6e06b5e50068824e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 08:32:14 GMT
content-encoding: gzip
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: RF41GG2V9F0RXEKW
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 3797451
x-cache: Hit from cloudfront
x-amz-id-2: fYHOkQxIHOa64IdGcNMhLH5tB84wkyStmg+Ks34/jj18gSachbItxm2OOnHC3ywzp6IN+7p2wqw=
last-modified: Tue, 24 Oct 2023 07:55:04 GMT
server: nginx
etag: W/"43e706b169d5afcf8f2e6b3f52af1942"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Nw4d-t1w-Rc1EZNLQlgHuweW7dUlzCkiJVywEtHlMsrqB_N66Wu0kg==
expires: Wed, 23 Oct 2024 08:32:14 GMT

GET
H2 200 search_vertical.37e621c4.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 4BD0 13 KB
5 KB 66ms
52ms Script
text/javascript 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/search_vertical.37e621c4.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

05c5e3e953a277962fd4ed03e09c9521367597e0c207408176f9da6d6631c742

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 01:14:02 GMT
content-encoding: gzip
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: AVFVNZKFTBKC17WV
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 11599743
x-cache: Hit from cloudfront
x-amz-id-2: Ffh/mcVkPON94+ry2+QkUEswIJC7V5FKcBIwh4/nzV675noermWtLSyXAHNpr46ZrGUz++jR4xI=
last-modified: Fri, 21 Jul 2023 09:31:32 GMT
server: nginx
etag: W/"1332558dd860932d104f7b6c019b61b9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 59633wiNVSN0OkO7hVgXDYnYd0sNQxnyOiMTjfDImM1tUcTAiOlR4A==
expires: Thu, 25 Jul 2024 01:14:02 GMT

GET
H2 200 search_vertical.cc3e2229.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame 4BD0 9 KB
3 KB 61ms
47ms Stylesheet
text/css 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/search_vertical.cc3e2229.css

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7b0ce55f486e96ebebd3c50098823aa98c91733943b1249b6c2a95eea4f808

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 16:28:35 GMT
content-encoding: gzip
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: FG0R3G38CV90KNBF
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 11544870
x-cache: Hit from cloudfront
x-amz-id-2: vDSYM59jF/5uT8CJeuit1tvQUB/i//qjIYV9962en/KzBKWeWgr6ZwmShu4qxDbEwop8YzJeUGY=
last-modified: Fri, 21 Jul 2023 09:31:32 GMT
server: nginx
etag: W/"28f01291f22d8622aefe01981d60c141"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: yWFpUd9--Ofd8iFO9fSmMMrZ6M4X1xj-73W9L3nABd1SnDvctm0z2A==
expires: Thu, 25 Jul 2024 16:28:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4BD0 244 KB
83 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d77926f4fb9f211780e19d353dacc5b9d32c56ca92497d35bfa2a686b4e9f8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85220
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 07:23:05 GMT

GET
H2 200 / Show response
news2.newaddiscover.com/videoads/ Frame 1EDA 7 KB
2 KB 990ms
989ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1919991de713f71cee297e9efbc088af6009e4cc306369c6d0171a1b0c446fc

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b056f1ab1f184-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zvnMa00NMg7jFTDNUpj12i6BnuNFao%2Fkk%2F9y%2B3s0V9b2P%2BT6rvrPax2D%2FPRM5teSRAOuByOZzYetRy4bP9UYshtQsDsYcN%2BNAeO3pkgSSFws97mGzHinSQBQQYhWj%2BGDiPUux6oVd6Yl3DcPgi25UkqqsXjuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 experiments Show response
affiliate.klook.com/v2/usrcsrv/hit/ Frame 4BD0 38 KB
6 KB 917ms
917ms XHR
application/json 34.149.108.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: 2748cf6bb561a75de6ad875049a5b0766807510d4850569de509519daf1c4869

Request headers

Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1
X-Klook-Request-Id: 7385d28b-31ea-487f-9880-8714c4377e9f
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: bffb6b38-358a-4b92-bd13-0754a8069f23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 7385d28b-31ea-487f-9880-8714c4377e9f
x-cdn-cache: miss
accept-language: en_US
x-kong-proxy-latency: 1
x-klook-service-id: 01
x-kong-upstream-latency: 4
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency: HKD
server: ReplaceHeaderValue
x-klook-version: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-klook-lang: en_US

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4BD0 52 KB
21 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 4BD0 4 B
24 B 22ms
21ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=875327638&t=pageview&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fwid%3D17854%26h%3D340px%26adid%3D782450%26lang%3Dzh-TW%26prod%3Dsearch_vertical%26currency%3DTWD%26uid%3D1&dr=https%3A%2F%2Fenlifesun.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=300x340&je=0&_u=YEBAAEABAAAAACAEKC~&jid=362721638&gjid=1427175401&cid=1825937108.1701933786&tid=UA-86696233-5&_gid=335302818.1701933786&_r=1&_slc=1&gtm=45He3bt0n81WNBGXWMv76068607&cd4=bffb6b38-358a-4b92-bd13-0754a8069f23&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1825937108.1701933786&z=708778234

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliate.klook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C05F 237 KB
65 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Requested by

Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eba514e7b7edaa99932eaae7914866ef5c6259aa2608c06aa9cf16400f0e5df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 07:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 07:23:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 07:23:05 GMT

GET
H/1.1 200
OK screen.css
sticker.events.pixnet.net/2022pixstarawards/dist/css/ Frame C05F 4 KB
2 KB 289ms
288ms Stylesheet
text/css 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: 1923b379f79157978a93959bd52a489bb7c5edd516704a2f0aa384542a11309d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 06:16:07 GMT
ETag: "1014-5f16a1eb66a36-gzip"
Vary: Accept-Encoding,User-Agent
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: text/css
X-FarmId: d43cda767c834cfb4c5c36b98c0133a3bcc8cc30a719f3ed247c661c143dd600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=68
Content-Length: 1596

GET
H2 200 300x0.png
s1.pimg.tw/avatar/enlife/0/0/resize/ Frame C05F 14 KB
14 KB 2948ms
478ms Image
image/png 203.66.32.2
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.pimg.tw/avatar/enlife/0/0/resize/300x0.png?v=1504668217
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/?user_name=enlife&trophy_id=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.66.32.2 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-66-32-2.hinet-ip.hinet.net
Software: HiNetCDN/2310 /
Resource Hash: 02d02ca34e7b0dc9e23c123d0d64bef873454092c8b6f0115ea5508a2b57527b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
last-modified: Wed, 06 Sep 2017 03:23:37 GMT
server: HiNetCDN/2310
vary: User-Agent
x-cache: HIT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: http://appmarket.pixnet.tw
x-farmid: 0183df925cae97b925e6aafdc326f98a24e5f7eeb42b635384f382b128fda209
content-type: image/png
cache-control: max-age=31536000
x-request-id: ff0f81d4df8b7a15aa03d5ffd03d9cbe

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 4BD0 1 B
89 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-86696233-5&cid=1825937108.1701933786&jid=362721638&gjid=1427175401&_gid=335302818.1701933786&_u=YEBAAEAAAAAAACAEKC~&z=1503025969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 07 Dec 2023 07:23:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliate.klook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bg.png
sticker.events.pixnet.net/2022pixstarawards/dist/img/ Frame C05F 53 KB
53 KB 288ms
287ms Image
image/png 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/img/bg.png
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: 3936d27e71d3121f3a73a35b068f09b89e10df9fb3f3755aacc16ba4a0d22565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:06 GMT
Last-Modified: Wed, 04 Jan 2023 06:16:07 GMT
ETag: "d3ef-5f16a1eb69915"
Vary: User-Agent
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: image/png
X-FarmId: 16799ea3fa6c6fc4fe04d13d5e0024758605feaabb8d00113725d83c0105d6b0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=54
Content-Length: 54255

GET
H/1.1 200
OK title.png
sticker.events.pixnet.net/2022pixstarawards/dist/img/ Frame C05F 12 KB
12 KB 282ms
281ms Image
image/png 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/img/title.png
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: b0c8fe28c851482095c6e1492478a4a97c68176235b75e669b5fa01369964b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:06 GMT
Last-Modified: Wed, 04 Jan 2023 06:16:07 GMT
ETag: "2eec-5f16a1eb6b855"
Vary: User-Agent
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: image/png
X-FarmId: 32622639ce616e7550925610a24a59f46ccc46dd6db3cc5e495ae6b96b9290ea
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 12012

GET
H/1.1 200
OK back.png
sticker.events.pixnet.net/2022pixstarawards/dist/img/ Frame C05F 36 KB
37 KB 565ms
282ms Image
image/png 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/img/back.png
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: 33d95ab88bb6ebbc243c3672ac2054dde55360cd5c62646d652072fedd23cec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:06 GMT
Last-Modified: Wed, 04 Jan 2023 06:16:07 GMT
ETag: "9080-5f16a1eb68975"
Vary: User-Agent
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: image/png
X-FarmId: 43ce18a995fe9a70f2d199fa011eaef704fbd24a0672ea0d37e33e896a33c131
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=2
Content-Length: 36992

GET
H/1.1 200
OK logo.png
sticker.events.pixnet.net/2022pixstarawards/dist/img/ Frame C05F 2 KB
2 KB 842ms
281ms Image
image/png 103.23.108.204
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/img/logo.png
Requested by: Host: sticker.events.pixnet.net
URL: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.23.108.204 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: ip-103-23-108-204.static.pixnet.tw
Software: /
Resource Hash: fc604f81c010c01c534c1ecd709d953ca78daaf2c7b45e31c67a640d7e5dc197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sticker.events.pixnet.net/2022pixstarawards/dist/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 07:23:06 GMT
Last-Modified: Wed, 04 Jan 2023 06:16:07 GMT
ETag: "640-5f16a1eb6a8b5"
Vary: User-Agent
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: image/png
X-FarmId: 32622639ce616e7550925610a24a59f46ccc46dd6db3cc5e495ae6b96b9290ea
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=20
Content-Length: 1600

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame C05F 37 KB
37 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:04:46 GMT
x-content-type-options: nosniff
age: 220699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37964
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:04:46 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 33 KB
34 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:45:30 GMT
x-content-type-options: nosniff
age: 41855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34276
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:45:30 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 62 KB
62 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:36:41 GMT
x-content-type-options: nosniff
age: 42384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63168
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:36:41 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 67 KB
67 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:57:17 GMT
x-content-type-options: nosniff
age: 210348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68788
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:57:17 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 73 KB
73 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:47:40 GMT
x-content-type-options: nosniff
age: 203725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74384
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:47:40 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 74 KB
74 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:43:29 GMT
x-content-type-options: nosniff
age: 211176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76120
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:43:29 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 73 KB
74 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 03:19:31 GMT
x-content-type-options: nosniff
age: 533014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75244
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:30:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 03:19:31 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ Frame C05F 77 KB
77 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Serif+TC:wght@500;700&family=Playfair+Display:wght@500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sticker.events.pixnet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:40:00 GMT
x-content-type-options: nosniff
age: 456185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78460
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:40:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0801 147 KB
51 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f912fd03b230db9f9e4dec363228b9c33cfd6521ec66f42522e49230d8daf932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51770
x-xss-protection: 0
server: cafe
etag: 3926088445690736666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0801 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0801 256 B
583 B 341ms
45ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=fd5038c4-dd29-4121-b1e7-1bc79b0eeaad&apiKey=6HWNHHRJKQ3T8FYNNTHG&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fachang.tw%2F&cb=JSONPCallback0

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

2bd502d5d3b669188d0a51474b978b14764157a2bfa1f4486ed745497697fbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:05 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 13
x-xss-protection: 1; mode=block
x-request-id: 59f24694-dfef-446a-827f-354c7e5a5dce

GET
H2 200 / Show response
news2.newaddiscover.com/videoads/ Frame 4E81 7 KB
2 KB 269ms
268ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e782b50644deb03ea9d4d5f112a94b5a8b8fde271f8a04639e0cb5479d60b3

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b0572be65f184-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZU%2FzXwv5XGwBgRoNU1JPuiKfE%2BSK5vAmVc%2FJYYF6N58cEEgvUfJ9mzUwO6laLIMqrk5tZtszThVJrEKBVK0NgIsFZq1gmExSEAyuTNdjOMdikadFBJcQfIwvXbJ2tSNLGNBqv1R9tW0mygYWjYj6Gr492isZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 fp.min.js Show response
ecs.tagtoo.co/js/ 31 KB
13 KB 10ms
9ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/fp.min.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:18:13 GMT
content-encoding: gzip
age: 293
x-guploader-uploadid: ABPtcPpmwGyes4Lschf1wWfCp4kMyQTmjefQ7GaQe7lbpk-ux7bd4rCnasYdABzGFYv244Qk9UA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12950
last-modified: Thu, 16 Sep 2021 09:25:47 GMT
server: UploadServer
etag: "5d9159073c44e4858b07d4445a1adceb"
vary: Accept-Encoding
x-goog-generation: 1631784347603860
x-goog-hash: crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=300
x-goog-stored-content-length: 12950
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 07 Dec 2023 07:23:13 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E81 147 KB
51 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f4e21978730349661a985c30335032023460431299820a54525ec957f064e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51861
x-xss-protection: 0
server: cafe
etag: 10981309155156514475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4E81 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4E81 256 B
350 B 44ms
44ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=b437aced-66fe-4721-b0b7-93257057d8f0&apiKey=TYGHN5YMRB98QK332H6Q&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fyummyyummy.tw%2F&cb=JSONPCallback0

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

8de77637a94df53f78d35237a76fe8daee431b90280a9feadd21ea77b2427e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:06 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 318bd6f1-2d86-47e5-b2b8-ed8ec6c8445a

GET
H2 200 permanent Show response
event.tagtoo.co/ 48 B
113 B 288ms
287ms Fetch
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=89ea549281eff9d7b41f9210e5c7f191
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 86faa01ec1d3c1b1808c96d2743cb94004b3f354dd2796db5e6b76a069b9651e

Request headers

Referer: https://enlifesun.com/
X-TOKEN: a5808d50cbd8897ace6b6b62abf51d37c19e599aea49012c32a74de228b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:23:06 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
content-type: application/json

OPTIONS
H2 200 permanent
event.tagtoo.co/ Frame 0
0 295ms
269ms Preflight
text/plain 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=89ea549281eff9d7b41f9210e5c7f191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-token
Access-Control-Request-Method: GET
Origin: https://enlifesun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 07 Dec 2023 07:23:02 GMT
server: uvicorn
via: 1.1 google

GET
H3 200 search Show response
affiliate.klook.com/v1/affadsrv/ Frame 4BD0 7 KB
1 KB 384ms
384ms XHR
application/json 34.149.108.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v1/affadsrv/search?adid=782450
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: 1b166be5ac51d463a675a2866f99be5e0ca2948e7deb558ebb62dc80acdb9607

Request headers

Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1
X-Klook-Request-Id: 6b1d7cd6-9428-4276-8cfb-e27df5a21e5b
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: bffb6b38-358a-4b92-bd13-0754a8069f23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 6b1d7cd6-9428-4276-8cfb-e27df5a21e5b
server: ReplaceHeaderValue
x-cdn-cache: miss
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/json
x-kong-upstream-latency: 6
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1EDA 147 KB
51 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e57684847fdcdfb41e402cad723883c88ff76607c98969f9f670354485e0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51775
x-xss-protection: 0
server: cafe
etag: 16155530941470694469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 1EDA 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6077
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 1EDA 256 B
324 B 48ms
47ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=bce16b02-70db-4c91-aa2c-08a3cad3162e&apiKey=BZN9DDJFBGVCS8ZQTDPW&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Flazybag.app%2F&cb=JSONPCallback0

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

945edd3afd7df09a25347d49bc655c869272c9cdefcd9d45026000619ac1e2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:06 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: 63cf7e73-cf38-46db-9c32-9533f9a62c85

GET
H2 200 klk-logo-white.f2641500.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 4BD0 8 KB
5 KB 23ms
21ms Image
image/svg+xml 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/klk-logo-white.f2641500.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/search_vertical.cc3e2229.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

602fb23efb442abd1994f6176cf7a37341853aa879a3611e03cb46ce60dd3d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/search_vertical.cc3e2229.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:14:15 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: FA8RT5AS1KZGRYJ2
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 11596131
x-cache: Hit from cloudfront
x-amz-id-2: xHcXflqOhS4qJ8zDVLvapJ4FKKPMOVVtQcCq+Hj3mPmGd/2wWJcSBXUsPy6+7eC2ZBdez5jqYRA=
last-modified: Fri, 21 Jul 2023 09:31:32 GMT
server: nginx
etag: W/"a20fd861597cdf9f0fe41663bede2fd8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: q1awq0zSVVTjP9Wpo45Coiyj6fX9MEx_ScpyLiDeso-T3oGrrMF9_g==
expires: Thu, 25 Jul 2024 02:14:15 GMT

GET
H2 200 search.9852ccfc.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 4BD0 507 B
916 B 23ms
22ms Image
image/svg+xml 2600:9000:211e:3000:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/search.9852ccfc.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/search_vertical.cc3e2229.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:3000:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

329629a4a5d2dccf71ef3f22df9d6556f70c9f86df3b121b194f7289dcf19bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/search_vertical.cc3e2229.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 00:28:34 GMT
content-encoding: gzip
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 8BYN3NMGF5QBXYVJ
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
age: 12207272
x-cache: Hit from cloudfront
x-amz-id-2: iB+jrAh/lblGj+hbnFNr2IxJvHHXMpZu8uR6FFodTINPdlgpEocLGHjL/nLoUsbLhiaocHEKynk=
last-modified: Tue, 18 Jul 2023 09:06:15 GMT
server: nginx
etag: W/"aa63566824e50c072497e82d744ac70f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: UdSrAjg_Wp-YPjdtX0EbMEu4Pac6MeT0CCuA6TcjOTXrQhJJWSb_Tw==
expires: Thu, 18 Jul 2024 00:28:34 GMT

GET
H2 200 / Show response
cell.adbottw.net/dy/ads/native/ 79 KB
29 KB 473ms
463ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell.adbottw.net/dy/ads/native/?ca=achang_tw_rec2
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a992ec4124ee6506446504fcb0634782976ee3c2df851aef91766c60865ad711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu%2FcNqBV9zmFpwMtDsFZlItbFwR5G85sMhYVJ8PaJPNm247dlKsnD6SdZEImBBdGPZ4vfONBx9R8isaxnmbRyoRlxjCQFV5BRFmYBr1Hzt1OWFnsosoPmLWgtDn%2FHPFhoQurQVu08Vgw681bma1O"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 831b0575ed09bbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
newaddiscover.com/videoads/ Frame 5AD7 7 KB
2 KB 984ms
971ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53s&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 593b7204c85fc43c5ae5b98f534434707cab899687bfa2c34abfbb50dc92dc49

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b057689e1f184-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYce6yao5fzYNu65BSox9z1xRxewBVKoNNEK%2Fo8W0phRcBEiTd7H7%2FcMzJMR1w07Zibp%2F9ODqZ309q8dHgDifUTN04sc7c5kUkpA%2FnY1jWZzEklzbAa5saPZtCE35wABAMa55SnSw%2FCbyp1HLhFlwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 web Show response
log.klook.com/v2/frontlogsrv/log/ Frame 4BD0 62 B
237 B 320ms
318ms XHR
application/json 34.111.170.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.klook.com/v2/frontlogsrv/log/web
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.4e7d914d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.170.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2

Request headers

X-DeviceId: bffb6b38-358a-4b92-bd13-0754a8069f23
Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
X-Platform: desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
currency: HKD
via: 1.1 google
x-klook-request-id: d3d00df
accept-language: en_US
x-klook-version: 1
x-klook-service-id: 01
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-klook-lang: en_US

POST
H3 200 event Show response
affiliate.klook.com/v3/affsrv/ads/ Frame 4BD0 70 B
92 B 354ms
354ms XHR
application/json 34.149.108.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/event
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id: 6fd74b7c-b878-4696-ab2a-37529b518ad7
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: bffb6b38-358a-4b92-bd13-0754a8069f23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/json; charset=UTF-8
X-iframe-Data: {"type":4,"data":""}
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?wid=17854&h=340px&adid=782450&lang=zh-TW&prod=search_vertical&currency=TWD&uid=1

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
via: 1.1 google
x-klook-request-id: 6fd74b7c-b878-4696-ab2a-37529b518ad7
server: ReplaceHeaderValue
x-cdn-cache: uncacheable
x-kong-proxy-latency: 0
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-kong-upstream-latency: 7
x-cdn-vendor: gcp
access-control-allow-headers: Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 collect
www.google-analytics.com/ Frame 4BD0 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=875327638&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fwid%3D17854%26h%3D340px%26adid%3D782450%26lang%3Dzh-TW%26prod%3Dsearch_vertical%26currency%3DTWD%26uid%3D1&dr=https%3A%2F%2Fenlifesun.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=Experimentation&ea=Affiliate%20Ad%20Impression&el=Search%20Box&_u=aMDAAEABAAAAACAEKC~&jid=&gjid=&cid=1825937108.1701933786&tid=UA-86696233-5&_gid=335302818.1701933786&gtm=45He3bt0n81WNBGXWMv76068607&cd4=bffb6b38-358a-4b92-bd13-0754a8069f23&cd5=_&cd6=782450&cd7=17854&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1825937108.1701933786&z=1210105362

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 22:37:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31518
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tdd.svg
res.klook.com/image/upload/v1588743344/search_vertical/ Frame 4BD0 281 B
854 B 62ms
8ms Image
image/svg+xml 2600:9000:2646:8c00:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/v1588743344/search_vertical/tdd.svg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:8c00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

855bfc5bc0197159362642c2301b4645e245a87efb30022a14fc14938bd1b1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 4440675
x-cache: Hit from cloudfront
content-disposition: attachment; filename="tdd.svg"
content-length: 211
last-modified: Wed, 06 May 2020 05:35:46 GMT
server: Cloudinary
etag: "b6720aec5094e78486f9438dd0bc7935"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MF-z26E0eOOGQmoNbv3350931hMuP49sWoLHx62u4jiC_iZ6Y0QChw==

GET
H2 200 train.svg
res.klook.com/image/upload/v1588743340/search_vertical/ Frame 4BD0 696 B
1 KB 61ms
7ms Image
image/svg+xml 2600:9000:2646:8c00:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/v1588743340/search_vertical/train.svg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:8c00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

db97ef44b43160ef84f32cca924566af223e3c0b29afffd152c1f1dcd35ec9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 06:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 4582187
x-cache: Hit from cloudfront
content-disposition: attachment; filename="train.svg"
content-length: 412
last-modified: Wed, 06 May 2020 05:35:42 GMT
server: Cloudinary
etag: "44952fa94dc1574cccada70618afedef"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YQ10BqlX8Qza5kjFBRKHWTOGCJ7hFHZhDkfsQk1xJUI1hEmY_aZrsw==

GET
H2 200 wifi.svg
res.klook.com/image/upload/v1588743342/search_vertical/ Frame 4BD0 1007 B
1 KB 62ms
8ms Image
image/svg+xml 2600:9000:2646:8c00:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/v1588743342/search_vertical/wifi.svg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:8c00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d8e774dd99c16f1e1ab68af38503cba7866e7ca49dc0a8ae96c039a1440d680f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 3473916
x-cache: Hit from cloudfront
content-disposition: attachment; filename="wifi.svg"
content-length: 548
last-modified: Wed, 06 May 2020 05:35:44 GMT
server: Cloudinary
etag: "57ad38314022a0d2d82501ee872e50d0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8WU4HExwTto0jE1ou_Z2diKNXOB93nrInbt77cpDm48Ozmay6zgeag==

GET
H2 200 trans.svg
res.klook.com/image/upload/v1588743346/search_vertical/ Frame 4BD0 1 KB
1 KB 62ms
9ms Image
image/svg+xml 2600:9000:2646:8c00:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/v1588743346/search_vertical/trans.svg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2646:8c00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3e14f5430505b918b8122034a3d569ed89567ebf746bb637f30d1d4377ceaa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 22:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=604800
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 2710143
x-cache: Hit from cloudfront
content-disposition: attachment; filename="trans.svg"
content-length: 783
last-modified: Wed, 06 May 2020 05:35:48 GMT
server: Cloudinary
etag: W/"448f950de2b8b7b71c4497b08e3a05f5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: kT8OiNezFfnlheZ35OTs5jCflxwFmNlebMGizbex4E1NOigppQVGKQ==

OPTIONS
H2 200 web
log.klook.com/v2/frontlogsrv/log/ Frame 0
0 987ms
899ms Preflight 34.111.170.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.klook.com/v2/frontlogsrv/log/web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.170.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-deviceid,x-platform
Access-Control-Request-Method: POST
Origin: https://affiliate.klook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 07 Dec 2023 07:23:07 GMT
via: 1.1 google
x-cdn-vendor: gcp

POST
H3 200 v1
event.tagtoo.co/event/ 2 B
16 B 290ms
274ms Ping
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/event/v1
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 07:22:51 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

GET /
ttd-cm.tagtoo.com.tw/prn/uidm/ 0
0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 271 B
333 B 45ms
44ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=b437aced-66fe-4721-b0b7-93257057d8f0&apiKey=TYGHN5YMRB98QK332H6Q&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fyummyyummy.tw%2F&caps=16&cb=jsonpCallbackachang_tw_rec2_0

Requested by

Host: cell.adbottw.net
URL: https://cell.adbottw.net/dy/ads/native/?ca=achang_tw_rec2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

514ab6d49aacc2cfb31f89d63a0941da4698466828fc519ffe84db8587d2a8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:07 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: b05b7d75-7da9-475c-bf84-d36fdabffd4f

GET
H2 200 b
geo.yahoo.com/ 43 B
366 B 119ms
32ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:07 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 / Show response
news2.newaddiscover.com/videoads/ Frame C6E6 7 KB
3 KB 902ms
902ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a83ec6e64ed7286b0de6c85b27e0553fd9ac3a7dbe08d538a6ecd6c36d553a6

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b057a3e751989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B6gOqlQPwgYEqhg8vyNPf7EIS0i2A8y4%2Fq1s6S24sWOrITByL1oIxXLGahp%2BO714wQ10Tv0zVgA9NmodXIWCRMeCURmTJOAcdPXw%2BcGye8MWNLpFFu0V3gXjvYJ7fbvVlgSBp9nk6uqL8SLhVUK%2Fn97SXZTKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5AD7 147 KB
51 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53s&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3dc1eecce855a0bfbb0b435cbaa8941d27a52ba9eee8c5d4e9028a868ccb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51847
x-xss-protection: 0
server: cafe
etag: 13427722845132817025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:07 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5AD7 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53s&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6078
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5AD7 304 B
339 B 45ms
45ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=59272c5a-05c3-40a6-a291-5ccf86328e87&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53s&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f87393781289787a0dbc106d0f2868b7ed1b5190e7a4ad43ca50245993405e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:07 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 6b15d1f7-69fa-48f4-bc00-7b215a54357e

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 396ms
92ms Script
application/javascript 54.162.6.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1701933787749&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzN4MV9iaWdfd29yZCIsInRpbWVfc2hvd19zZWNvbmRzIjozLCJyZXF1ZXN0X2FkIjoxMDAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6NjEsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImFjaGFuZy50dyIsInVybCI6Imh0dHBzOi8vZW5saWZlc3VuLmNvbS8yMDE5LTEyLTAzLTEyOTgvIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiZmYzNzg0YzEtOWFiZC00MjkxLThlNjItYjVjMWE2NmQyMmJiIiwidWlkIjoiN2MzMGMwMzI3ZWU4OTE3ZmIwNzE3MDE5MzAxODUwNTUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNjIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiZW5saWZlc3VuLmNvbSIsInRkX3BhdGgiOiIvMjAxOS0xMi0wMy0xMjk4LyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiODk3YzUxYWUtYTAyZS00NDgwLWIyMDUtMmQyYWEwYTM2Nzc0IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.6.25 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-6-25.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Thu, 07 Dec 2023 07:23:08 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H2 200 biz_recommend_js.php Show response
api.popin.tw/ 954 B
899 B 506ms
459ms Script
application/x-javascript 2606:4700:3032::6815:1aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.tw/biz_recommend_js.php?t=1701933787759
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/achang_tw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 842a26becd5cb6f62f2ef10cca87830ab2f2d291095cb2ecefefde92e3fd333f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmOuMve3QIiCu4vJ4tI6E9YWpvtI6%2BVdGt%2ByAhj3zY4yHYMz8Rr3233lo1F1bq%2Fwcl6UPL4xBv7J%2Br9ur%2BCHPMcH4wvTbO%2BpHjItVqYoEm2vZENZ%2FRgs3LsbcNEG8dSH7TI1Sthdjv%2BaPKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 831b057dddd0f8c9-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 257ms
255ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImFjaGFuZy50dyIsInVybCI6Imh0dHBzOi8vZW5saWZlc3VuLmNvbS8yMDE5LTEyLTAzLTEyOTgvIiwidWlkIjoiN2MzMGMwMzI3ZWU4OTE3ZmIwNzE3MDE5MzAxODUwNTUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNjIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiZW5saWZlc3VuLmNvbSIsInRkX3BhdGgiOiIvMjAxOS0xMi0wMy0xMjk4LyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODk3YzUxYWUtYTAyZS00NDgwLWIyMDUtMmQyYWEwYTM2Nzc0IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1701933787744
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
222 B 257ms
256ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkX3BjXzN4MV9iaWdfd29yZCIsInRpbWVfc2hvd19zZWNvbmRzIjozLCJyZXF1ZXN0X2FkIjoxMDAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6NjEsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImFjaGFuZy50dyIsInVybCI6Imh0dHBzOi8vZW5saWZlc3VuLmNvbS8yMDE5LTEyLTAzLTEyOTgvIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiZmYzNzg0YzEtOWFiZC00MjkxLThlNjItYjVjMWE2NmQyMmJiIiwidWlkIjoiN2MzMGMwMzI3ZWU4OTE3ZmIwNzE3MDE5MzAxODUwNTUiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNjIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiZW5saWZlc3VuLmNvbSIsInRkX3BhdGgiOiIvMjAxOS0xMi0wMy0xMjk4LyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODk3YzUxYWUtYTAyZS00NDgwLWIyMDUtMmQyYWEwYTM2Nzc0IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1701933787750
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 769ms
255ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&uid=7c30c0327ee8917fb071701930185055&type=pc_pv&nid=pc&media=achang.tw&r5=cc_NONE&t=1701933787751&tz=tw
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 258ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiYWNoYW5nLnR3IiwidXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiJmZjM3ODRjMS05YWJkLTQyOTEtOGU2Mi1iNWMxYTY2ZDIyYmIiLCJ1aWQiOiI3YzMwYzAzMjdlZTg5MTdmYjA3MTcwMTkzMDE4NTA1NSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg5N2M1MWFlLWEwMmUtNDQ4MC1iMjA1LTJkMmFhMGEzNjc3NCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2VubGlmZXN1bi5jb20vMjAxOS0xMi0wMy0xMjk4LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS42MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJlbmxpZmVzdW4uY29tIiwidGRfcGF0aCI6Ii8yMDE5LTEyLTAzLTEyOTgvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1701933787751
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1037ms
255ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuNjIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiZW5saWZlc3VuLmNvbSIsInRkX3BhdGgiOiIvMjAxOS0xMi0wMy0xMjk4LyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiI4MS45NS41LjM3IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwia2V5Ijoia2V5MTcwMTkzMzc4NTA1OCIsIm5vdyI6MTcwMTkzMzc4Nzc1MSwiY2xpZW50X2lkIjoiODk3YzUxYWUtYTAyZS00NDgwLWIyMDUtMmQyYWEwYTM2Nzc0IiwidXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJ1aWQiOiI3YzMwYzAzMjdlZTg5MTdmYjA3MTcwMTkzMDE4NTA1NSIsInNtaklkIjoiIiwiZGV2aWNlIjoicGMiLCJkaXNoX21lZGlhIjoiYWNoYW5nLnR3IiwiZGlzaF9jYXRlZ29yeSI6IiIsImRpc2hfZG9tYWluIjoiZW5saWZlc3VuLmNvbSIsInZfZGlzaF9sYWJlbHMiOiIiLCJ2X2Rpc2hfdGxhYmVscyI6IiIsImxvZ2lkIjoiZmYzNzg0YzEtOWFiZC00MjkxLThlNjItYjVjMWE2NmQyMmJiIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRvbWFpbiI6ImVubGlmZXN1bi5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 767ms
253ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&uid=&type=pc_channel_pv&nid=pc&media=achang.tw&r5=ch_standard_pc_3x1_big_word&t=1701933787759&tz=tw
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 258ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZF9wY18zeDFfYmlnX3dvcmQiLCJleHBlY3RlZF9hZCI6MywicmVuZGVyZWRfYWQiOjMsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiYWNoYW5nLnR3IiwidXJsIjoiaHR0cHM6Ly9lbmxpZmVzdW4uY29tLzIwMTktMTItMDMtMTI5OC8iLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiJmZjM3ODRjMS05YWJkLTQyOTEtOGU2Mi1iNWMxYTY2ZDIyYmIiLCJ1aWQiOiI3YzMwYzAzMjdlZTg5MTdmYjA3MTcwMTkzMDE4NTA1NSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg5N2M1MWFlLWEwMmUtNDQ4MC1iMjA1LTJkMmFhMGEzNjc3NCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2VubGlmZXN1bi5jb20vMjAxOS0xMi0wMy0xMjk4LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS42MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJlbmxpZmVzdW4uY29tIiwidGRfcGF0aCI6Ii8yMDE5LTEyLTAzLTEyOTgvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4OTdjNTFhZS1hMDJlLTQ0ODAtYjIwNS0yZDJhYTBhMzY3NzQiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1701933787759
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:07 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 768ms
254ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=7c30c0327ee8917fb071701930185055&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&t=1701933787759
Requested by: Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ 231 B
542 B 26ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: enlifesun.com
URL: https://enlifesun.com/2019-12-03-1298/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 07 Dec 2023 07:23:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 / Show response
news2.newaddiscover.com/videoads/ Frame 8AB3 7 KB
3 KB 886ms
885ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1919991de713f71cee297e9efbc088af6009e4cc306369c6d0171a1b0c446fc

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b057dfa881989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHt6oOfMbO1U2FtULm0YPNEJbvoMDMpoKIEwEfeaPKX5OxplXSeoUfp9PHu55Z7atz%2BrO8dhguLnPbfckrZsc85m2okzvmrcv%2BU%2FA3nx68V9J8Wg%2FUoeXqOvNxMB7dW4IRcT7Hq0Wc%2F%2FCCkLNGC5CMhSTLtbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C6E6 147 KB
51 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9f2f19f459f40d3285b8a3d202d5edf605ca00c496d49116125bd4fb651efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51774
x-xss-protection: 0
server: cafe
etag: 10617271083820407870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:08 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C6E6 52 KB
21 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame C6E6 256 B
324 B 48ms
48ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=78&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

2bd502d5d3b669188d0a51474b978b14764157a2bfa1f4486ed745497697fbe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:08 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: dd691dec-e55f-487e-a152-157467d61995

GET
H2 200 discovery.php Show response
api.popin.tw/recommend_module/ 953 B
718 B 255ms
254ms Script
application/json 2606:4700:3032::6815:1aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.tw/recommend_module/discovery.php?uuid=&r=&u=https://enlifesun.com/2019-12-03-1298/&m=achang.tw&t=1701933788266&d=%7B%22ad%22:%5B%22%E6%B2%92%E6%93%A6%E5%8F%A3%E7%B4%85%E6%B0%A3%E8%89%B2%E5%B7%AE%EF%BC%81%E4%BA%BA%E8%94%98%E7%B2%BE%E8%A3%9C%E8%B6%B3%E7%B2%BE%E6%B0%A3%E7%A5%9E%EF%BC%8C%E8%AE%93%E4%BD%A0%E8%87%AA%E5%B8%B6%E8%98%8B%E6%9E%9C%E5%85%89%22,%22%E4%BD%A0%E6%98%AF%E5%90%A6%E4%B9%9F%E9%9C%80%E8%A6%81%E8%A3%9C%E6%B0%A3%EF%BC%9F%E8%87%89%E8%89%B2%E5%B7%AE%E7%9C%8B%E8%B5%B7%E4%BE%86%E6%B2%92%E7%B2%BE%E7%A5%9E%EF%BC%81%E8%B2%B7%E4%BA%BA%E8%94%98%E7%B2%BE%E5%86%8D%E5%8A%A0%E9%80%812%E5%85%A5%22,%22%E4%BA%BA%E8%94%98%E7%B2%BE%E6%8F%90%E7%A5%9E%E7%9C%9F%E8%A3%9C%E6%B0%A3%EF%BC%8C%E4%B8%8A%E7%8F%AD%E6%97%8F%E9%95%B7%E8%BC%A9%E9%83%BD%E9%81%A9%E7%94%A8%3Cimg%20draggable=%5C%22false%5C%22%20role=%5C%22img%5C%22%20class=%5C%22emoji%5C%22%20alt=%5C%22%E2%96%B6%5C%22%20src=%5C%22https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg%5C%22%3E%E4%B8%8B%E5%96%AE%E9%80%81%E4%BA%BA%E8%94%98%E7%B2%BE2%E5%85%A5%22%5D,%22hot%22:%5B%5D%7D
Requested by: Host: api.popin.tw
URL: https://api.popin.tw/biz_recommend_js.php?t=1701933787759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 57ec136cc1feea1539a34ff63e9ad7439d0bdea3c3af35e8ae6405ba41119f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwxDMHPa%2Fd%2Fv6OpFR5urjqORpaH%2BXDF34AvAV1dVMAkmCn7dpquDrvJ4k9lHqJHo5CtAm7pqJwfVqCFBZevb52YkxqchGnQ0%2FcemV6r%2BZXkZLnSNdrdHhgIe064hRBfVvOBtaPT%2BuuVZntg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
cf-ray: 831b0580b8a0f8c9-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NNMETTF2YB&gtm=45je3bt0v9103063672z8890810521&_p=1701933782616&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=655708928.1701933783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701933782&sct=1&seg=0&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&_s=2&tfd=6220
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNMETTF2YB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-34D08J2LV5&gtm=45je3bt0v890810521&_p=1701933782616&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=655708928.1701933783&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701933782&sct=1&seg=0&dl=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&dt=%E6%B2%96%E7%B9%A9%E6%99%AF%E9%BB%9E%EF%BD%9C%E5%82%99%E7%80%A8%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%88%E5%82%99%E7%80%AC%E3%81%AE%E3%83%95%E3%82%AF%E3%82%AE%E4%B8%A6%E6%9C%A8%EF%BC%89%EF%BC%9A%E8%B5%B0%E9%80%B2%E6%93%81%E6%9C%89%E5%85%A9%E7%99%BE%E5%B9%B4%E6%AD%B7%E5%8F%B2%E7%9A%84%E7%A6%8F%E6%9C%A8%E6%9E%97%E9%81%93%EF%BC%8C%E8%88%87%E5%85%85%E6%BB%BF%E7%A6%8F%E6%B0%A3%E7%9A%84%E6%A8%B9%E6%9C%A8%E5%80%91%E4%B8%80%E8%B5%B7%E5%91%BC%E5%90%B8%E6%98%AF%E5%A4%9A%E9%BA%BC%E7%99%82%E7%99%92%E5%95%8A%EF%BD%9E%20-%20%E4%BA%AB%E5%8F%97%E7%94%9F%E6%B4%BB%E4%B8%8D%E7%84%A1%E8%81%8A%E3%80%82%E8%A6%8F%E5%B0%8F%E5%AD%AB&_s=2&tfd=6221
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34D08J2LV5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://enlifesun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 07:23:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://enlifesun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
news2.newaddiscover.com/videoads/ Frame B32E 7 KB
3 KB 235ms
234ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52e782b50644deb03ea9d4d5f112a94b5a8b8fde271f8a04639e0cb5479d60b3

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b0581ee2c1989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4UppkgDCSPSaYicFKsAxPy8zPSXfsnKFdd8hiIlYmwLZmTxffksc2Uql4vh8wR86nPRloiTul3Hr8a1Svz89wwse21IbzIfZT5p%2BOXlaZn0VMxCNZ7bzOf1Y3reha5cH2%2FF%2BaZQANPOp64EyS9Nzxc3jOTV5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B32E 147 KB
51 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d8770757496b0e80a26858b8dd3a4f105276997950eb9357730e8fcca90fc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51769
x-xss-protection: 0
server: cafe
etag: 456601063088169613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:08 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame B32E 52 KB
21 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame B32E 256 B
325 B 71ms
70ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79a&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

8de77637a94df53f78d35237a76fe8daee431b90280a9feadd21ea77b2427e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:08 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 38
x-xss-protection: 1; mode=block
x-request-id: 3197771f-a344-4fae-968d-df7b5b50f910

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8AB3 147 KB
51 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

843324cbfee72ef37890e091952f44cbb739402d47f84f7684401835e7706aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51771
x-xss-protection: 0
server: cafe
etag: 12802893498163084637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:08 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8AB3 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6079
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 8AB3 256 B
324 B 47ms
46ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news2.newaddiscover.com
URL: https://news2.newaddiscover.com/videoads/?ca=79&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

945edd3afd7df09a25347d49bc655c869272c9cdefcd9d45026000619ac1e2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news2.newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:08 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 044e2cb3-fd19-4497-9269-b0d0003862d7

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
58ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231205&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11ee86626c8dbd1edc5700780eb68ac21c3ba75e9a5113db10b9d1c705831964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 07:23:09 GMT

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 81A7 7 KB
3 KB 914ms
914ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=55&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ec562e2e1274ab4f064752a790e9a8c153ae6f2b2a265dd99d2af7e0206dc27

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b058569fd1989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVxkr%2FOpodO84fG%2FtSz%2FeBhsQNqTDOLdnT2cuqzvsoBIhRrZntJyflIBxGM4%2F%2BgendJV96EGFiNIM2BFIh6DeC5esy9FTrjaM1FGb8EFnxSmS%2BVRReSxsGiL%2FYwpkbHUHOiGkp7QC%2FnrOXS2xGKl%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D13D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 17:20:22 GMT
expires: Thu, 05 Dec 2024 17:20:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9151 829 B
560 B 19ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cbac1fe6a0e2c51ff110a86b2f4a83f819e86be96c695fe891c058318338d32

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YSdempU_wprWqj5rZM_ISQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YSdempU_wprWqj5rZM_ISQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 07:23:09 GMT
expires: Thu, 07 Dec 2023 07:23:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D13D 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:26:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 19:26:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9151 0
0 41ms
41ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231205&jk=3317041411774925&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D13D 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ew7rTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 01DE 7 KB
3 KB 907ms
906ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53su&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371d4665499e2717f88a5e8092ffedb5498b786d883758c99be38b4882f9674f

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b05892d7e1989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naDtgz9hurHRNlxjCRt8Pa0kn7gP6cjaH4d1SfvFqoHMSD9KgJkKsxkaQZycjSwBPYV3Sfw%2F%2FL8s07vyc4EGVy6m3JNcFOv9Tm2TgRF8S1wKtUTDf%2BInpCfOb0hrUoSMPCkG5bex1dl0LKHhMi9JYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231205&jk=3317041411774925&bg=!DQ6lDkHNAAY3kmNgF5I7ADQBe5WfODX82JmZ52TIjTGTDzz4CSKDj80MVVCJfX1x98mGw0v5ZW7vuCtYDG6Ni2_ah59UAgAAAEpSAAAAAmgBB5kDCQBccJIh7-1F2yo3WH7jOvEXRwH-9sCzwYkh2ia8-A-SAiFgQQADQYInyOPTAZuNf6vwcGmozY_Mj2HU7vWCn-1NOdHAgebhR8ppo9UAGR81zeBKi8RiIvKkwxe35CpmeyjLu84XjDKMOAYkaOr3vjHz6ojhvS5AN_Cv1InflD2U2QQxjiTa9BJKiKingsOHg6nFw-bwAhF4qGCkZAd8_1HE7A-QU_xylP8LSsA4AQE1vI4Vvaue0upooM13qTjyrIC6DtKAqxVNbDxyFeSJ57Hs0tIq53DiiUVPxRHIahZHqiDDKGX-2OB66LEGPz7Ii-LY8pl0CxFm4r73Fd1dFQqWXuR7lHbhdYgu2Ih81JvTOAyXMw4x-NT5quo1MSrK30FmnU6l81WNbjW8SY3_rgVmEexHLJJWbV56rK4J_pYwjiNf8qtcaAR9J8Zw2bCr2k8NXUgYBBaEbf0MYy0OjX2zP6BVxfCdCM_jK3MeWysPZ83RMo_QY9ZoSw_FPJCx5ZdzgjDH7JKAc77ipTsqcF1VaAlmrxRTgwF8IbqW_NXJPuBOxlM80vaZTay3ePGkSiiyqyAYFViYfg6_n4eEfqhm7gP43ePOFADIomtDeJt8Hcq4HuCZAv6jc-BwRL1sODhMRokitTb4BFvkqRRSw8qznFJR5nLTgpazVei9RvqiZeXRuSzAo6DUFKKYyycbdWntzWhpIAlDSLfEUVb0EV36jaejtkLk7FTtYow2P-Q7ortiOYjlF7jlEp_zx_9P3sBuwqw9mJUHkxrq_dqDfk_7Q27jKMtEars9gdWpBT00b2wp4rMm504YMDKHCRaRL9yjesOOlf35VFU8FVi4V7sL4zBOZISTrYSI9SguUOUvKadY4KBx4e4WaPnge74I-ZRzmgTWNCoox2WaO8Hb_fNdsfMdsNQtTVp1VYaDWF7q2rmwIiwB8fybvS5Qr9p_fnuQEK18Y_vuHPlSgXFsjhzJml25TFYzfssLv5FyQIPC5_B43E_eWP2MCxLtIYs3y8PtDlFigXvOyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://enlifesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 81A7 147 KB
51 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=55&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a63466f7101fdc94a13cf5f6263114ecdf4a8ac69e29727e4c0fbf6951834733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51845
x-xss-protection: 0
server: cafe
etag: 18324953850236643121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:10 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 81A7 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=55&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6080
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 81A7 278 B
345 B 44ms
44ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=3bb92ce7-6945-4489-9dba-ed0f049e33b9&apiKey=47ZRQWJ2BWSSRZP2G772&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.damanwoo.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=55&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f6989d0d60f6ebb5cfc8393f07defe6bfb0cd87d633c492e17ba5eef9ee0bfdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:09 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 54a8e39f-5e55-4a0c-8a78-1c60b41f9921

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 6157 9 KB
3 KB 238ms
237ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53sz&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76452963925c8a4402a6246144155a3dfe0160733f7c5564d027a7a6bdf1f39a

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b058ce93d1989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4umVHe7mMueGwsWrJF%2BkJECYYPgaxZVOflGs50DMEnMqibQ4SCM16chwKAqWzxIV8R6XnaAa1mHkA9uQvGur%2FTelcizqHQBA77Q%2FC%2FKKYCvuoiwkdf0utaZnO2nuaiTpzCRCKHaWskfNLnUo3yRGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6157 147 KB
51 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53sz&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1668547fe9d2d32a715e61fb776ace3fe604ab8420ee681d74c18e7c01414fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51768
x-xss-protection: 0
server: cafe
etag: 5758838282207691575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:10 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6157 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53sz&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6157 272 B
366 B 41ms
41ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=82b2d520-8d2e-46b0-a98e-cb962a3cc515&apiKey=4FDP6RN8TMP9SZ8SKX9M&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.tagsis.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53sz&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

faa0421f49ea999b7c57801671aab29669baa06f6d44c85099970e20d05aa3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:10 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 8
x-xss-protection: 1; mode=block
x-request-id: 7e075e3d-fe12-4e14-b4ca-150d8fac2a6f

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 01DE 147 KB
51 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53su&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff10414615b9b34353e02fad4bf41392511386120cf7f1df75b8c7f5f2f552a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51764
x-xss-protection: 0
server: cafe
etag: 7267149212220356428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:10 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 01DE 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53su&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6081
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 01DE 268 B
333 B 39ms
39ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=1f110bde-5a90-48d3-bfac-10b357519c49&apiKey=4FDP6RN8TMP9SZ8SKX9M&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.tagsis.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53su&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

f8e21afe339e92d329b225bc26817521472fe90cd0c4f5f94aa251f06069705c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:10 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 7
x-xss-protection: 1; mode=block
x-request-id: 20c6208e-0c93-4288-b0f8-4e9c649a861c

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 4B07 7 KB
3 KB 246ms
246ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53m&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0876932ed576a804a47fa5a07c0e501a2d63aa8e5300892a90af8024b65adff4

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b0590ad191989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yg8qT%2BBFEenJcuXDKv7QUOzBsFc4JKFjyBzdIcqb5Sd%2FbxLKRRmsgB9YCw31XyG8G72eq0Ip2UDXTZmIYp83heBuXH1DTY2CIkAm1U%2BHg6Shj3Ot%2FVFm64YKFy3xX7KuWAtf6MVxsxeZNxNq8Arhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4B07 147 KB
51 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53m&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a8712301c8a3bf965bae9cf2f0d16575054313e564b6d0899ace9528c31830a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51768
x-xss-protection: 0
server: cafe
etag: 9239942468393790772
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4B07 52 KB
21 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53m&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6082
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4B07 304 B
339 B 47ms
47ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=209f47d8-a37a-4014-b328-d50afb8a07c9&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53m&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

ad0ed10c581adc716c1139b0975dfb43272ab4025d8f2797ccd9c619f9be501b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:10 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 2afd8a58-dcad-45e7-8b30-82acdcf2ed93

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame CE14 7 KB
3 KB 255ms
255ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53mu&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97d63d9a99fe3c5fdc7049173f8918d3dc54618bea647b4b4572cbcab0f33fa0

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b059469271989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40wtreSN%2F58ZdZxQKjurJ%2FH5fq%2BsDSJhNZNnBegaz%2Fs09YxdypHDWFnglNKFJ71X%2BnnBL%2Fmb1PtV2Tu%2B%2F%2FDqi8CgxOk7hrZd79QhMbGuWDV0fp0wMdoawD5%2FoATp1qCr6zyX%2FJ8tGd%2BNn3d762Xaig%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CE14 147 KB
51 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mu&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebc21a0eb49a5f5d9c666991bb4ed91abe3dae93d03a5285f2c1fb77a2f113d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51767
x-xss-protection: 0
server: cafe
etag: 421774115242860680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CE14 52 KB
21 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mu&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6082
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CE14 268 B
332 B 39ms
38ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=750a25e6-1cbe-40ff-a6b7-ad6190ce6a5e&apiKey=KM6XGHXJDKYDMQFMDH95&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.tagmum.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mu&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

22ab89a07da8db0ed3161ef9e7c81b0ee8ae554f1845d2acce8165373f91a537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:11 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 7
x-xss-protection: 1; mode=block
x-request-id: be52fc65-52db-4fb6-99e5-564966060967

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame FF30 7 KB
3 KB 245ms
245ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53mz&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab47105c960711c59b9dac9462bcefdcd34995859d3bf514aeb5f8266440a58

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b05982c9a1989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAa8u%2B7vSMLI03RidtnMD3vi5AdTf6Wb0l0bNhrEO8bGKaIXKhWb7idRWuH2xJ3iDr3TFTEmKasulzCOZUQ8hiXqmIvyTTID3Kn58kKNk5V5goiyPoVY8gILq%2FLRTljMBCRw1nY57L5MLz0ddNtQ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FF30 147 KB
51 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mz&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

560d40c9c783f98ff733e823fea9959c96e4be0a65dc669803f4d3fee5a78bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51763
x-xss-protection: 0
server: cafe
etag: 1437210186340051012
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:23:12 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame FF30 52 KB
21 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mz&cb=1701933784

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 05:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6083
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 07:41:49 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame FF30 272 B
336 B 39ms
38ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=fcbce73a-d346-4155-a05a-a3568e8d3fb9&apiKey=KM6XGHXJDKYDMQFMDH95&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.tagmum.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=53mz&cb=1701933784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

a057af6fd8ee3f282f19c43e5c666e82284eb55283d58815d0de1edd8ceb2f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 07 Dec 2023 07:23:12 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 7
x-xss-protection: 1; mode=block
x-request-id: 41598195-98fd-4ff2-bac6-49e7841e804c

GET
H3 200 /
newaddiscover.com/videoads/ Frame 3FAE 7 KB
3 KB 237ms
237ms Document
text/html 2606:4700:3032::6815:42a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=53&cb=1701933784
Requested by: Host: cell1.adbottw.net
URL: https://cell1.adbottw.net/dy/native/?ca=achang.tw_rec
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:42a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://enlifesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 831b059be8901989-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 07:23:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrmC%2BYG%2F5qBbr5e3oCXGU57lmly0kSPKpThUN%2F7NGUIfzCxDogPuC%2FzOxdbwnPtA2Fhi%2FVtfbFfod5WBhsNE1JffqBjFdGSSd4Ut6YX5usgA0UE1xe6kuoui3f0%2Fik3vu61WlxC3N8ax3%2B4ayZ1KRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3FAE 0
0

GET analytics.js
www.google-analytics.com/ Frame 3FAE 0
0

GET getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 3FAE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBg2EcWuheCHThER6SiGDCg&google_cver=1&google_push=AXcoOmSFoYUn44C_jeMZ4JyGCE2uFwVhjaaOdw5YVRcQkXPRO8tM7SBoECO0s1kp2c6-7_LK7bzsyFP-GeXuY7qKMpSIQtWQiGWunyXJ

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU29zEdEc83WwvE3vx60Vo1upE4W0OE2Wwio7C0yE1VohwnU1oU1O81u83mwaS0zE5W0PU1AE17U2ZwrU19E36w&__hs=19698.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7309749944037773570&__req=1&__rev=1010265475&__s=%3A%3A0bjsir&__sp=1&__user=0&dpr=1&jazoest=21951&locale=en_US&lsd=xTzvLUMGqi55ov1LwAd6Eq

Domain: ttd-cm.tagtoo.com.tw
URL: https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=090bb2b85dccbf70507c8a6b31cc074d&pid=1008&puid=7c30c0327ee8917fb071701930185055&

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Domain: ads.yap.yahoo.com
URL: https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=805162f8-1088-4522-b00d-98b103aff89e&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&cb=JSONPCallback0

Verdicts & Comments Add Verdict or Comment

379 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:28:45	Name: userId Value: dWj5kDI9a2_fFYq0a1aCP3c0i2gogONT
enlifesun.com/2019-12-03-1298	1970-01-20 18:55:09	Name: _fbp Value: fb.1.1701933786921.1341240943
.enlifesun.com/	1970-01-20 16:47:00	Name: _gid Value: GA1.2.1555568801.1701933783
.enlifesun.com/	1970-01-20 16:45:33	Name: _gat_UA-61681034-1 Value: 1
.enlifesun.com/	1970-01-20 16:45:33	Name: _gat_UA-106748821-1 Value: 1
.enlifesun.com/	1970-01-21 02:07:09	Name: __gads Value: ID=8bcff94d7c55e5be:T=1701933783:RT=1701933783:S=ALNI_Mb1fkH46RSyRvTS_bqYSjkotpJDJg
.enlifesun.com/	1970-01-21 02:07:09	Name: __gpi Value: UID=00000d0caf8136a9:T=1701933783:RT=1701933783:S=ALNI_MY_XTc4QPrLKdBaU4Qp1PV3WyFXQw
.enlifesun.com/	1970-01-21 02:21:33	Name: _ga Value: GA1.2.655708928.1701933783
.enlifesun.com/	1970-01-20 16:45:33	Name: _gat_achang_tw_rec Value: 1
.enlifesun.com/	1970-01-21 02:21:33	Name: _ga_3MGKR343MJ Value: GS1.2.1701933783.1.0.1701933783.0.0.0
.dable.io/	1970-01-20 17:03:50	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 17:03:50	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 17:03:50	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 17:03:50	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 17:03:50	Name: _kko_ck_match Value: 1
.dable.io/	1970-01-20 16:53:45	Name: _bw_ck_match Value: 1
.dable.io/	1970-01-20 17:03:50	Name: _xandr_ck_match Value: 1
.enlifesun.com/	1970-01-21 02:21:33	Name: dable_uid Value: undefined
.ctnsnet.com/	1970-01-21 01:31:09	Name: cid_8e0fbf2320844542978ac7dc112ca46c Value: 1
.ctnsnet.com/	1970-01-21 01:31:09	Name: gid_CAESEERkY2URCbr4ycE7VPoqVKA Value: 1
.w55c.net/	1970-01-21 02:17:14	Name: wfivefivec Value: t8iP1YJq1Rb8IU5
.doubleclick.net/	1970-01-21 02:07:09	Name: IDE Value: AHWqTUkWKFqmIfZgWrr0eI-jZjE-8SpWi1_0DtSnLjXB7NsI_ceEMOnZp7K2dh5PyrM
.w55c.net/	1970-01-20 17:28:45	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 17:30:12	Name: C Value: 1
.de17a.com/	1970-01-21 01:23:57	Name: guid Value: 1.2971004969355628555
.pixnet.net/	1970-01-21 02:21:33	Name: _pta Value: fwAAAWVxctgaGg0mUZnaAgP=
.adform.net/	1970-01-20 18:11:57	Name: uid Value: 9041842886279366816
.googleadservices.com/	1970-01-20 18:55:09	Name: ar_debug Value: 1
.enlifesun.com/	1970-01-21 02:21:33	Name: _ga_NNMETTF2YB Value: GS1.1.1701933782.1.0.1701933784.58.0.0
.enlifesun.com/	1970-01-21 02:21:33	Name: _ga_34D08J2LV5 Value: GS1.1.1701933782.1.0.1701933784.58.0.0
.simpli.fi/	1970-01-21 01:32:36	Name: suid Value: 68F82A6A30FE498A9BB2B33B6A1B978D
.innovid.com/	1970-01-20 18:55:09	Name: uuid Value: 3cdcc30d-5363-4346-841c-a878da897d63-20231207 02:23:05
.enlifesun.com/	1970-01-21 01:31:09	Name: _ss_pp_id Value: 7c30c0327ee8917fb071701930185055
.awin1.com/	1970-01-20 16:48:26	Name: awpv14702 Value: 412871\|1701933785\|76679680-94d1-11ee-a9f2-22382f104756
.awin1.com/	1970-01-20 16:48:26	Name: awpv20044 Value: 412871\|1701933785\|766832c0-94d1-11ee-8661-22610dd0df18
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
affiliate.klook.com/	1970-01-21 02:21:33	Name: kepler_id Value: bffb6b38-358a-4b92-bd13-0754a8069f23
.tribalfusion.com/	1970-01-20 18:55:09	Name: ANON_ID Value: abnt6ZaxlqLlnJVsPTan65PN7tEZc4ZbELrXhKiBKrHJUTVfBwe0hYq1Rpr7beQtPm2gV9bcbiZcappKrFSpbEjG9c1Xj58W
.klook.com/	1970-01-21 02:21:33	Name: _ga Value: GA1.2.1825937108.1701933786
.klook.com/	1970-01-20 16:47:00	Name: _gid Value: GA1.2.335302818.1701933786
.klook.com/	1970-01-20 16:45:33	Name: _gat_UA-86696233-5 Value: 1
.popin.cc/	1970-01-21 01:31:09	Name: uid Value: 7c30c0327ee8917fb071701930185055
.enlifesun.com/	1970-01-21 02:21:33	Name: _td Value: 897c51ae-a02e-4480-b205-2d2aa0a36774
.in.treasuredata.com/	1970-01-21 02:21:33	Name: _td_global Value: 17dd0c5e-d947-4091-8ff3-c9c010d62cac

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8969488696235010&output=html&h=280&slotname=2770522977&adk=772300056&adf=3663673752&pi=t.ma~as.2770522977&w=740&fwrn=4&fwrnh=100&lmt=1701933783&rafmt=1&format=740x280&url=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701933782769&bpp=2&bdt=281&idt=339&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C740x350&nras=1&correlator=2614163686850&frm=20&pv=1&ga_vid=655708928.1701933783&ga_sid=1701933783&ga_hid=791223721&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3419&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079825%2C31079924%2C42531705%2C42532524%2C31079954%2C44807764%2C44808148%2C44808284&oid=2&pvsid=3317041411774925&tmod=247783207&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=342 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	warning	URL: https://www.facebook.com/v18.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df221ab0efa5da64%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fenlifesun.com%2F2019-12-03-1298%2F&layout=button&locale=en_US&sdk=joey Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y5/l/en_US/ANyDMCEKMwQ.js?_nc_x=Ij3Wp8lg5Kz(Line 442) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	warning	URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df262213cb5ef99c%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Vk5nuQ1qWIw.js?_nc_x=Ij3Wp8lg5Kz(Line 351) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	warning	URL: https://www.facebook.com/v18.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb80ffdaf2c2e%26domain%3Denlifesun.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fenlifesun.com%252Ff380be9ca0513%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FenjoylifeSun%2F&locale=en_US&sdk=joey&show_facepile=true&show_posts=false Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/Vk5nuQ1qWIw.js?_nc_x=Ij3Wp8lg5Kz(Line 351) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
javascript	error	URL: https://enlifesun.com/2019-12-03-1298/ Message: Access to fetch at 'https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=090bb2b85dccbf70507c8a6b31cc074d&pid=1008&puid=7c30c0327ee8917fb071701930185055&' from origin 'https://enlifesun.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=090bb2b85dccbf70507c8a6b31cc074d&pid=1008&puid=7c30c0327ee8917fb071701930185055& Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.tagtoo.co
ad4m.at
ads.eu.criteo.com
ads.yap.yahoo.com
affiliate.klook.com
ag.innovid.com
ajax.googleapis.com
api.dable.io
api.mdeianet.com
api.popin.cc
api.popin.tw
as.ad4m.at
assets.ad4m.at
c1.adform.net
cat.nl3.eu.criteo.com
cdn.klook.com
cdn0.agoda.net
cdn6.agoda.net
cell.adbottw.net
cell1.adbottw.net
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
ecs.tagtoo.co
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
enlifesun.com
event.tagtoo.co
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
geo.yahoo.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
imageproxy.eu.criteo.net
in.treasuredata.com
inrecsys.popin.cc
log.klook.com
log.popin.cc
mts0.google.com
newaddiscover.com
news2.newaddiscover.com
pagead2.googlesyndication.com
pixanalytics.pixnet.net
pixel-sync.sitescout.com
pixel.wp.com
pm.w55c.net
prod-rtb.ad4mat.net
provider-prod.mdeianet.com
pv.medialead.de
r.popin.cc
region1.analytics.google.com
region1.google-analytics.com
res.klook.com
rtb.fr3.eu.criteo.com
s.pixanalytics.com
s.tribalfusion.com
s.w.org
s0.wp.com
s1.pimg.tw
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
sherpa.agoda.com
static-de.ad4mat.net
static.criteo.net
static.dable.io
static.xx.fbcdn.net
stats.g.doubleclick.net
stats.wp.com
sticker.events.pixnet.net
tpc.googlesyndication.com
ttd-cm.tagtoo.com.tw
tw.popin.cc
uec.tagtoo.co
um.simpli.fi
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ads.yap.yahoo.com
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
ttd-cm.tagtoo.com.tw
www.facebook.com
www.google-analytics.com
103.200.108.61
103.23.108.124
103.23.108.204
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
142.250.186.34
143.204.98.99
172.217.18.2
178.250.1.6
178.250.1.9
18.136.11.74
18.140.229.62
192.0.76.3
192.0.77.32
192.0.77.48
2001:4860:4802:32::36
203.66.32.2
213.155.156.169
23.56.205.163
2600:1901:0:76b9::
2600:9000:211e:3000:1b:29b:ed80:93a1
2600:9000:2646:8c00:e:aa0e:eb00:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::681a:e28
2606:4700:20::ac43:444e
2606:4700:3032::6815:1aa
2606:4700:3032::6815:42a4
2606:4700::6812:18ad
2a00:1288:110:c204::b000
2a00:1450:4001:802::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c1d::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a02:fa8:8806:12::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d01c:1d8:8102:1dbb:a7d1:23ff:c9b8
2a06:98c1:3121::3
3.121.34.204
3.36.186.35
34.102.218.41
34.107.150.21
34.111.12.34
34.111.170.216
34.149.108.21
34.91.62.186
34.96.83.10
35.157.241.1
35.186.193.173
37.157.4.29
54.162.6.25
69.192.160.238
87.248.100.136
91.121.248.44
92.123.150.201
98.98.134.241
011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98
0121ebdbd3e84abb8fb5e4e0f84913a0ff0f064c0cc27df0b27adfe488ab094a
017e8a139ce78047066528a3ce36405a19836764a7cf55755b29c5a0a94c0a0e
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
02a0dfaac31356fb5912205adfc9acf2647ee7dcba718d09859495b53031ad20
02d02ca34e7b0dc9e23c123d0d64bef873454092c8b6f0115ea5508a2b57527b
03c9f45e510dbaecf29fbe9036b96dff5e5deb9cb288d7d3de055693078ae263
05c5e3e953a277962fd4ed03e09c9521367597e0c207408176f9da6d6631c742
0645cc7d00365d82fca97bd894afa236f1a39e4520935bf2b3705f08d07fafb2
0806ff4935144c0e146860185404e24577e79c60a063bc5b33b493fb14c2d941
0876932ed576a804a47fa5a07c0e501a2d63aa8e5300892a90af8024b65adff4
0946d8d45bc97fa8aaaf1f1966987db3263d141d0fdb674d958b7530cfe4e65f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0993545e75c46b6d6e5e9d3ab9604c54418ee110833de50d60473c8060393802
0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a
0a8712301c8a3bf965bae9cf2f0d16575054313e564b6d0899ace9528c31830a
0b2ca46b6073b677d881fe6448bfcb6656892880a4e46c8ffa77f157b417272f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c18b42baaca6e2dc1e1fd3e3ee28ef67e5a1469eed07b88e5d426a5d2598453
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0ea77f61c292775d52575878141e552fae455f7587b0cb61ca55e50c3ae7ad47
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
11ee86626c8dbd1edc5700780eb68ac21c3ba75e9a5113db10b9d1c705831964
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
15c0cca5a6be3aab16397f9794bd3764e52f3c830db64abf7b461e35c19111ad
168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2
17a216a5e9f951bcc2f9fbe27e74ebb36c9168ecfaeb3934bc559811dc14d493
1923b379f79157978a93959bd52a489bb7c5edd516704a2f0aa384542a11309d
1959d23b1691a3d3c9cb6b3b21c7f04a9f3fc97e7560ccbbd55c593590aae059
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a524efded21c9eecc5ab07d7b3aad79be17bed5883e453f5e92f0bf04a35cfd
1b166be5ac51d463a675a2866f99be5e0ca2948e7deb558ebb62dc80acdb9607
1be35d3d84622023fcb5130128ccb83f6046953290e13397b2dae3af11d767ac
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
1cbac1fe6a0e2c51ff110a86b2f4a83f819e86be96c695fe891c058318338d32
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eeaaaea4d30de18718d40b4cad2499daccb512d363508de911f731486adb3d6
1f937725b1d1e3006292648cfd1c2664dfe3df8e68d61adea966df5b1e8f267f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
229c16cabeca272eb5bf3a7fa145ff0d02872d833062f48040d390e8684f8dbd
22ab89a07da8db0ed3161ef9e7c81b0ee8ae554f1845d2acce8165373f91a537
23dc355ffad1f57567b1f270731b1647c2a14a47c6fc9e2dc525d81c7958a6bb
2449a4c8476c8541fc2e09d7c08ad26fc9ca9d5e954fbcf698bbfc7f12980a2b
24d4074e445b349418926a124c090c52f57072dc71d3eba96550ea964367bc99
2748cf6bb561a75de6ad875049a5b0766807510d4850569de509519daf1c4869
277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55
2832ec16da02272fd00b4c49d9aaa544cb8619ddd17c3adf0dad11fe0914fb19
285cce528553dac4ded765825b9782888bbc02b6bfb9b15a033d617505a5d55a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b8eefdd8b1776f129d17fe2e22d759b9051516676843435c609b9423899104c
2bd502d5d3b669188d0a51474b978b14764157a2bfa1f4486ed745497697fbe4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e926068827db5ad37f115bfe2c506674fbbb7551ab1834a9482bfb65d17f913
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
314e9922a93c4545cfe7761dfd173c0b6febdb645851caa2db613924bb4a1c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32493fca442ca7da5075117f275810f333f8120d1e8a42f7b9f8a5b7c66baeee
329629a4a5d2dccf71ef3f22df9d6556f70c9f86df3b121b194f7289dcf19bd0
3302ea2420bf26ca5e2e7b4fc40613b8894b977c77cb1a03d7dba00d05cb9228
33d95ab88bb6ebbc243c3672ac2054dde55360cd5c62646d652072fedd23cec0
371d4665499e2717f88a5e8092ffedb5498b786d883758c99be38b4882f9674f
3936d27e71d3121f3a73a35b068f09b89e10df9fb3f3755aacc16ba4a0d22565
3a3a3c10659d379891d1172383404fb727570679775339c140aa0d7375274ea9
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ab47105c960711c59b9dac9462bcefdcd34995859d3bf514aeb5f8266440a58
3df3b6a5028af349fcbe57be434c004f6dbd09d4bc7a69aa94f4d8302e9445d4
3e14f5430505b918b8122034a3d569ed89567ebf746bb637f30d1d4377ceaa5f
3f8b8f82c3744495be82d8078a16f50acd6a424af97661c2a0def138de11a13a
403f3555d8786414686cabf253b525daf6ae11e934d98526886fccb85a053196
40fdbf98de996fbdda66bcf3f22b202e2c636b74a434ff87645648cfd543ed4e
4154bea653d643d25113e2056edb0ef315796cc9ab2edad1d5843b14d09c2079
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441d3c0566b45133364c95590763943e82cd456b0658c1628c8a33f7807a1d7b
4503d1857ad021a48b44c69ff615df915ba66555a503054bea02bf2786dd3e3b
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71
466669ce0a393852b5a765c513d0b5502f0ea35a9f56847718af5aa86dcfd018
468bb82a87beb5e14b72b3cd0d554195fdc26223850940f17b202b4c70662e0b
47b069c8f1ec94af06e28e359f8e64c0cc9d7a88c2374ff0d5458a29ac037dbf
48b2ffef8d6a49c7ee63d5b570d4c1325e380109534b01093e9d95365c05c4d3
4dc4ec893f0f5d11864cb4ee01f77d17ec38fd9e8035bf6bb92b19895bcf2aeb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f004473c795fa281f1016c7aa39c85e969d6d2d35e3a551f073d4e0d0328de5
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5020e5ec0724fc65b77c0bd34c798a23c5368edc2f0f42046417eb0fbe3fa516
514ab6d49aacc2cfb31f89d63a0941da4698466828fc519ffe84db8587d2a8c4
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52e782b50644deb03ea9d4d5f112a94b5a8b8fde271f8a04639e0cb5479d60b3
52fff91e2b7cf925a65719b1a4d125cf7c330c45503010985c9b241a186878cc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b7b2cd4e4afdf98967a110be76afaa99702848dcbbe325221edbb1e37fc31c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560d40c9c783f98ff733e823fea9959c96e4be0a65dc669803f4d3fee5a78bda
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5646faed05c8c21cfeb1a495faafdc0a94747149eaf7ca77ea28c3a989149e20
57cdb0d07403dba23cf867a6d514628bdafa83693e5775b9b957460b12898d99
57ec136cc1feea1539a34ff63e9ad7439d0bdea3c3af35e8ae6405ba41119f17
593b7204c85fc43c5ae5b98f534434707cab899687bfa2c34abfbb50dc92dc49
59c781337e828bc38c20c4ed8ec4f051dea3232c4a3ca331f89be8dd61637d32
5a28a9eda46727c2081bed435f0255a723187613491710e0780bd3c36e359733
5ae982bd9c48b617d80117933646ac69210c8ded6dcdb02e495f1933fe1e8064
5b4314d71c694c16760a64cde26e26081467b669788ca140ed8d4478c4b42618
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5d425751922d00fdea08b7f5c2cc28d2bebe2ae072afe0eeb9de2afff112077c
5d8770757496b0e80a26858b8dd3a4f105276997950eb9357730e8fcca90fc92
5e5e11a87c96e0c1088405c3c0f743ffc729149b5bc6d54b50197727e824fc3c
5eb88eaa151990c7f3622806e1f8de1a79a1742341bd2fc1a8e34e227fe0af23
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f
602fb23efb442abd1994f6176cf7a37341853aa879a3611e03cb46ce60dd3d9f
60cca572452b2ccf5fcd1c294a590b0ff412b9605a86732b9345e98f0fa49055
610f2174081f4d952d1bebc1dd3e68edae88a04e99a75f11cfba172b247621a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e7361b418f85903ab43d497abce93d48796fce4f6fe74159c476de5d018aa4
628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52
62c267b5a7e6f6646a9cd4847ae3b6f26cffb21490cf5901bde7a5e5639425b9
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a017bfbd4225a919714a49895e5099c4ac535eacd94e51ce36d96bcb51e8627
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6c9ea07c52cc4b6289dc701074bc0070edc9b051827d0f6bd6ef6a994e44b96c
6ec562e2e1274ab4f064752a790e9a8c153ae6f2b2a265dd99d2af7e0206dc27
6f8d6fcf72b14427c4ff8cecac9a2c182f9911b65003f3e7e3bbd1bd6bc49884
724c6c9ce76797d6f7206cdc83574d4537a1aad4eca712206a8ea60c14880265
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73c7ee3a12ff60afab5f5311ec2b1cd6063ef5098dc9f649aca8e91d8f1f83be
76452963925c8a4402a6246144155a3dfe0160733f7c5564d027a7a6bdf1f39a
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79f95a8b8a577d527c5efc77e874a9189fd1f074deccc3e324e8fcba710bd676
7a83ec6e64ed7286b0de6c85b27e0553fd9ac3a7dbe08d538a6ecd6c36d553a6
7acacc960de81613b8c53b856a3bed117f76802e632836053299a6ecb15fa9da
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7f08d4e81386e551d82b3b289422b4bec73c1db54f05aad91c9e69b89ca17dab
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82b91c403bb4593185c877340c69d6b279f57903e9ebeffac57536b748058d5e
832c6a6e54ba8b2e53ca9deafe21389a58f3652fa97484a3e5bd200b6eca98c1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842a26becd5cb6f62f2ef10cca87830ab2f2d291095cb2ecefefde92e3fd333f
843324cbfee72ef37890e091952f44cbb739402d47f84f7684401835e7706aa1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855bfc5bc0197159362642c2301b4645e245a87efb30022a14fc14938bd1b1fe
8639261d0b3c937456936c12129d87faf7b234323bf9a15941c71975d679b32e
86faa01ec1d3c1b1808c96d2743cb94004b3f354dd2796db5e6b76a069b9651e
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
89463a7f4fb1e3bf55f37f6e0a8d40342aa23cf8dedd3176b0c49ff257a28101
896adb75b41f312934d2c084c31df6af7a461567ab9b45cc76f5124d24cc3752
8a1f60c3666871a1a0f2dee711f982af1424a1a4326a3c58d60e2cdb754aca4f
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8b4a7453818bcc399e0d44292cf622222068caccd7b7053b572e1cbcca0fc790
8b7d4285aaa45035e807805878f325b5bb4aecbed42be67235a3580a787cc536
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8de77637a94df53f78d35237a76fe8daee431b90280a9feadd21ea77b2427e46
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
945edd3afd7df09a25347d49bc655c869272c9cdefcd9d45026000619ac1e2d5
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97d63d9a99fe3c5fdc7049173f8918d3dc54618bea647b4b4572cbcab0f33fa0
98725b9da9d784cb352909dfdc456a5c6963599c5cce735387852a3b20e9ffd7
9a17d5c9655cfd2b3e4c84f1969bf51d4965414b636876a6831bdebf986ce95d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6e6d519fc934ec729d321bf87edb7693f5303e5acf33f42c82ec73777a35e3
9d34b810c3f6cbf7f98005d4624988efc4accace19779d24ed580b0f1be4f955
9de8bae48d018e64279778106da4f3a8a969245514ffc5f5c25b839e741bacea
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e9f2f19f459f40d3285b8a3d202d5edf605ca00c496d49116125bd4fb651efc
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
9fd5d835acdfcdb081d0dc2428e31387b393e881dd6163c4229c01fe36cec3c4
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a057af6fd8ee3f282f19c43e5c666e82284eb55283d58815d0de1edd8ceb2f97
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a262e072fa742a6af7e1bd89783c239e4058998c9f2417410fab837847bd910f
a2a810b029cb441118530b764ea34a4d4b8e22f3b86fbe998875568d8bc780b1
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0
a63466f7101fdc94a13cf5f6263114ecdf4a8ac69e29727e4c0fbf6951834733
a68827190bc01a61ee0a62ec59efa74497a6bc5aa8586f1fac50a58d0cf42d88
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a992ec4124ee6506446504fcb0634782976ee3c2df851aef91766c60865ad711
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac032677fc492540bb601f985bb7b3eeb2be6b81cd56d8caf71c2e4d282d97a1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad0ed10c581adc716c1139b0975dfb43272ab4025d8f2797ccd9c619f9be501b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b06a5d272de6f4e0ba3f8db8338da394f8716987f7a7e764a22b6e903c0f94cf
b0c8fe28c851482095c6e1492478a4a97c68176235b75e669b5fa01369964b7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1668547fe9d2d32a715e61fb776ace3fe604ab8420ee681d74c18e7c01414fc
b1a34905a1ab33dafe8104112c3146399e96717e7968621a867e6dd037dd8447
b1b3367a72a79b699979a7a1e8443e5862b68295fcd47b26f9cbf8381c9885b0
b301b038d25ecad92b0cd36c22815a6721cec40cefcfca0e6c302feff4189db2
b34c1afe2c5394e2277fb08bed2f3366798e72b3fe7eeffbbdb2c8baab3c434d
b3e249ed2bb3c5127daa624fc8605621fe3d7251116446c48fc18bfb2eedb72b
b41379c64c98eac99563835ac6a7e6096a78f124560a8a4ffe92284a98079db7
b484baff6b012cc823568d095cdb50a81ec0e32759264b2a094353d92a5380bc
b64e7f3a2868bb6e1fb099f5e8c26e90fbd89373be496dfa4fd280aabdd1f2b2
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8265f85dc657617d56d9de1c9762203d13e30646a40ee2f6e06b5e50068824e
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bb2e9b885843fe29b51b4d77e66d73cae8e68fbee661658a1c09ea2ae183a436
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bf4f096f9d656631111cdf91411fc73f3e68f3ddb8b8b3ea12a149554ac93cf2
bfd086f33a87ac1ee88e5ea9f3c2ee6e7215fcf460a55c82e37c0a5e445a3467
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c180314cc35a25d6b6ab952431721960402b355539071f75e69c31716f815da4
c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825
c2df9c8930ded5d0b7231ce94ed284104455b3f56e4ad2851b53675f83d59fe2
c30f226d1fcb38de7c5c6ec05adf908871464f384ce021f7eff8f9336429f560
c457b99ad67bf48974273ce18b6f53792e27067ee50aeeebf0dcf71259b634fc
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c5fca0141fd1fba5d7ab36cc0b1c62d3ad22ef3f85f2464743d16b3499d5f7c9
c7796762cda084fb07a08fb94e042ee6607188d30fab7ff1ed28a2ef2352ee08
c7f4e21978730349661a985c30335032023460431299820a54525ec957f064e5
c8e57684847fdcdfb41e402cad723883c88ff76607c98969f9f670354485e0c6
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbdb5aefaca787b23bc13bd195046bc6bbdc920deadfbda921d931b1a617d738
cc6178cdb0838f0ecb7de330f4f58eb9ad8cf48813050aca2b29bd3329f1ed25
cc7b0ce55f486e96ebebd3c50098823aa98c91733943b1249b6c2a95eea4f808
ce63cc5b6e0e4eecc0f6a3247660060f2783d900941726559850c412038aced1
cfee5e43b421600eb9ff77e293a8c051724154565b950bda0d4dbb62c9f3cb74
d0acab731cfc401b03c95159d592d84c42769457a3780e9d64860668092bf2d2
d3049455a388ab479d060097a4fb0451ba8ea8c9eeb230174bc42c67d86b8c4a
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d4719cac318d12a868f2c976a774f25bfeccd110ab03455b7c195c2f579cfc50
d53a26054d308844b2ccab2858a548c6f712c6fab0098212562584ee2aa59f67
d5d02048d625e6fdaba8063decd1e9edcd57829147090ce1d64358e54d34f4bc
d61da53d67cd069189dcfdf21ebfb8932a6ee232d190755bb37736e434c76c96
d7448f8b9522067d29bb6aa28bb3b6dc5d6de80dcbcf20cbf3ae20dc67bf031d
d77926f4fb9f211780e19d353dacc5b9d32c56ca92497d35bfa2a686b4e9f8f0
d8e774dd99c16f1e1ab68af38503cba7866e7ca49dc0a8ae96c039a1440d680f
db18cb52427e02c7de9ad4d90ca593068388c3fdac72903ee699779d92b0a74c
db97ef44b43160ef84f32cca924566af223e3c0b29afffd152c1f1dcd35ec9e7
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deacb043aba45fdec8c0a7948b084d9e4b63b58dd7264c74895c87dd8164f82d
dfe45e655c1c3fd2531e0d4b14d0c619a201dd34e3644a4de2ad1d90185f8c78
e116c9279837d501d7a34a4f732de4faf3d3dceaa47a3f1dab12645b10f03b62
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e18486f0a822e66bcc1c73910cf2e15387830d2ca9a4607159315319cd75c752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e613ed4308f865da260455901af0b7b2e0cc0bfe2c8dfa7aa4cc0aa3dcb974b8
e627a649d3c874c51258aba7bb4196c73a44873bfff2ec867f37fe919b4cf96b
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e73b9dc0dc316f1ed45520c444cf4b3b6e4d5ca71d7f077cb24ed6a7c10184e0
e93e9f28c6e8c3ed7f642e1a7a67a4a294ffabbc49909ae5d8bbaa48238ba3e9
ea7ebbac029af9f40b1878a53c69f15a1c91ee752461853a43c931181845eea9
ea98634e2b4516f30d9e1fec06fb88732d0d7e475a5dd03a79fcf93f119cae67
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
eba514e7b7edaa99932eaae7914866ef5c6259aa2608c06aa9cf16400f0e5df3
ebc21a0eb49a5f5d9c666991bb4ed91abe3dae93d03a5285f2c1fb77a2f113d7
ecc725d0c3d56d6d64dabdc77c38a5935ee2bc06a58f5b4135a970659523b2c9
ed0b3ec99c5214303ac40914db05ff0280bb4134c64c95ef3812f79d071e95fa
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65
f175c04bd69a087fa8ffc4cefc0b10a2c898d37a70c7917d1ee4c299d6514e89
f1919991de713f71cee297e9efbc088af6009e4cc306369c6d0171a1b0c446fc
f1c4916fc37af5dec08ebd1bc5138a4317fadd5b854bfc4137983b7ecfd38cf5
f2767375f9a38497e1cf2279ff98dc1407081074ccd0fda78709c84387f6c5ae
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3c519dfbf4321194895e441929f4ca29b539dad3251eb37946ba27eb5c16217
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
f6989d0d60f6ebb5cfc8393f07defe6bfb0cd87d633c492e17ba5eef9ee0bfdf
f87393781289787a0dbc106d0f2868b7ed1b5190e7a4ad43ca50245993405e6c
f8e21afe339e92d329b225bc26817521472fe90cd0c4f5f94aa251f06069705c
f912fd03b230db9f9e4dec363228b9c33cfd6521ec66f42522e49230d8daf932
fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
faa0421f49ea999b7c57801671aab29669baa06f6d44c85099970e20d05aa3bb
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
fc604f81c010c01c534c1ecd709d953ca78daaf2c7b45e31c67a640d7e5dc197
fcc1ee383a6549d1376e31e7b55e4e25428c65f2d0a506943db778a2eaf70dc1
fd3dc1eecce855a0bfbb0b435cbaa8941d27a52ba9eee8c5d4e9028a868ccb99
fda4f866e659cc61065b389be9cf2f938ea51b039d59bd08932275da8102b49d
fe331974000dc7ec851df29caced20ffd22d899ec4d16c82fad17278e9dfab20
fe541d5a8862d0ee4f0ae66b9b3c5640d3131f0e2551608fd78a9b92f4cf48c1
ff10414615b9b34353e02fad4bf41392511386120cf7f1df75b8c7f5f2f552a9

enlifesun.com Open in urlscan Pro 2606:4700:20::681a:e28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

403 Requests

96 %HTTPS

49 %IPv6

49 Domains

90 Subdomains

73 IPs

13 Countries

14759 kBTransfer

23597 kBSize

44 Cookies

47 Outgoing links

Redirected requests

403 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

enlifesun.com Open in urlscan Pro
2606:4700:20::681a:e28 Public Scan

Screenshot
Live screenshot

Full Image

403
Requests

96 %
HTTPS

49 %
IPv6

49
Domains

90
Subdomains

73
IPs

13
Countries

14759 kB
Transfer

23597 kB
Size

44
Cookies

403 HTTP transactions
6 data transactions