tw.412lala.com Open in urlscan Pro
2606:4700:3036::6815:30ab Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Submission: On May 16 via api (May 16th 2023, 1:23:03 pm UTC) from US — Scanned from DE

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 31 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3036::6815:30ab, located in United States and belongs to CLOUDFLARENET, US. The main domain is tw.412lala.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2023. Valid for: a year.

This is the only time tw.412lala.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 32	2606:4700:303... 2606:4700:3036::6815:30ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	163.181.56.172 163.181.56.172	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	119.28.164.221 119.28.164.221	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	95.100.64.43 95.100.64.43	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.114.156.25 3.114.156.25	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	3.35.88.48 3.35.88.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:25::1726:620a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.95.15 65.9.95.15	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.249.242.97 54.249.242.97	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
116	35

32 2606:4700:3036::6815:30ab (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

tw.412lala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.412lala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.412lala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.412lala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.412lala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.172 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3-sign.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.28.164.221 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

mmbiz.qpic.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.64.43 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-64-43.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.156.25 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-156-25.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.35.88.48 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-88-48.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:25::1726:620a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-15.prg50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.242.97 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.45.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	412lala.com 3 redirects tw.412lala.com store.412lala.com popup.412lala.com count.412lala.com twstat.412lala.com	1 MB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	263 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 ad.doubleclick.net — Cisco Umbrella Rank: 173	175 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 31186 ad4m.at — Cisco Umbrella Rank: 11978 assets.ad4m.at — Cisco Umbrella Rank: 41727	750 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	dable.io static.dable.io — Cisco Umbrella Rank: 25814 api.dable.io — Cisco Umbrella Rank: 21690	40 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61315 sync.logly.co.jp — Cisco Umbrella Rank: 69744	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 28289 audiencedata.im-apps.net — Cisco Umbrella Rank: 29201	4 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 17733	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 301	794 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com — Cisco Umbrella Rank: 3697	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 153404 static-de.ad4mat.net — Cisco Umbrella Rank: 199770	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7680	696 B
2	qpic.cn mmbiz.qpic.cn — Cisco Umbrella Rank: 7378	59 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 118978	475 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 87793	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 74280	436 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 76060	261 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 776	45 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 674	363 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 60165	606 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 740	464 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	53 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385	33 KB
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 252442	565 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	603 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 98637	17 KB
1	toutiaoimg.com p3-sign.toutiaoimg.com — Cisco Umbrella Rank: 48511	41 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 106230	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
116	31

	Domain	Requested by
15	store.412lala.com	tw.412lala.com
14	tw.412lala.com	3 redirects tw.412lala.com
12	pagead2.googlesyndication.com	tw.412lala.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com tw.412lala.com pagead2.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
5	cm.g.doubleclick.net	1 redirects 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	ad.sitemaji.com securepubads.g.doubleclick.net tw.412lala.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	tw.412lala.com as.ad4m.at ad4m.at
3	www.google.com	tpc.googlesyndication.com tw.412lala.com
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	static.dable.io	tw.412lala.com api.dable.io
2	mmbiz.qpic.cn	tw.412lala.com
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	ssbsync.smartadserver.com	209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
1	dis.criteo.com	209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
1	r.turn.com	tw.412lala.com
1	ad.turn.com	1 redirects
1	www.googletagservices.com	tw.412lala.com
1	prod-rtb.ad4mat.net	tw.412lala.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	l.logly.co.jp	nt.compass-fit.jp
1	ajax.googleapis.com	api.dable.io
1	count.xxxssk.com	tw.412lala.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	nt.compass-fit.jp	tw.412lala.com
1	twstat.412lala.com	tw.412lala.com
1	count.412lala.com	tw.412lala.com
1	p3-sign.toutiaoimg.com	tw.412lala.com
1	popup.412lala.com	tw.412lala.com
1	ad.sitemaji.com	tw.412lala.com
1	cdnjs.cloudflare.com	tw.412lala.com
116	48

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-24` - `2024-02-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.toutiaoimg.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-18` - `2023-07-17`	a year	crt.sh
mmbiz.qpic.cn DigiCert Secure Site CN CA G3	`2023-02-06` - `2024-02-06`	a year	crt.sh
static.dable.io R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-04-10` - `2023-07-09`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Frame ID: 4F1CFFFABD353A2B049CC97304E7DE22
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: FA951C00C4FA62AE05308D0BDF237542
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&adk=1812271804&adf=3025194257&lmt=1684243377&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376751&bpp=3&bdt=653&idt=504&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8708239469867&frm=20&pv=2&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=523
Frame ID: 2F934B96A437461361AC3EB2754BE7BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=876248978&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376754&bpp=2&bdt=655&idt=525&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bzL1tJV7QH&p=https%3A//tw.412lala.com&dtd=529
Frame ID: 2E40127625642A7D2C6A3A67AC1CB5E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=2399512518&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376756&bpp=1&bdt=658&idt=530&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hHNYMh8gkV&p=https%3A//tw.412lala.com&dtd=535
Frame ID: 1BDA58E8E1D340F7B1443F403D32BBA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=2713295843&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376757&bpp=1&bdt=658&idt=538&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280%2C890x280&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5iRSseGIGF&p=https%3A//tw.412lala.com&dtd=541
Frame ID: 60044D2AF79B2B69F6C0919F005356AC
Requests: 1 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=06d0268e-0457-45b3-bbfb-edcc10d2eab0&id=dablewidget_goP0dJoQ&category1=%E9%85%B7%E8%BB%8A&author=0&ad_params=%7B%7D&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: 74C513E848055C5C2E93BB8B477511A1
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 27799BB6C4DF734561B1BAACBA5562AB
Requests: 9 HTTP requests in this frame

Frame: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1A34ABF73EF3B2822C8F6358C653F894
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5211681F2DDAD9D378E44EB84BF06B7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35A37241B368624DEB1DCEA80EFFB679
Requests: 2 HTTP requests in this frame

Frame: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8FBC136D13A92F83C280E80F06A3EBCA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF5fnsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEogJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGJkvb_bU8RORuu1dYQSd1ELeZVcUkeLNmo80oD-dZx3JLhU76WMGuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItODc5ODc2NTg3MDMyOTg4NRjt8YIB&sigh=VhsO2NC6UDU&uach_m=[UACH]&cid=CAQSOwBygQiD88EM55apP7WsxVy12stbcHKbSwMtyxvefd5kQmnfxr0sbQCaZFPFVWv7WdUTvawfSUekWqr1GAE
Frame ID: 1C627495C7375F72A08C78A1D9C9B662
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D
Frame ID: A5EDADCD7B11B7F1B244F291851262AF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 123B4DC96A9E0EF901567382036EC9A2
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9C605169270B6D8AA94646950CD00BB2
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: D997B5C64FDE10F02734637B141852AF
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Frame ID: 359A3BE6E5C99E593E696475090BCFB0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EC81F1459A708CBAE5B18B7C9696E56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A80565172DBDC075ABD753234C16576
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

张庭林瑞阳返回台湾，52岁张庭愁眉不展模样变化大，头顶满是白发

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

92 %
HTTPS

49 %
IPv6

31
Domains

48
Subdomains

35
IPs

8
Countries

2599 kB
Transfer

4048 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://tw.412lala.com/xstat/pop/4725273/1 HTTP 302
https://popup.412lala.com/js/ad?lang=zh&aid=4725273&host=tw.412lala.com&type=1&count=0

Request Chain 29

https://tw.412lala.com/xstat/index/3633 HTTP 302
https://count.412lala.com/?3633

Request Chain 30

https://tw.412lala.com/xstat/moneystat HTTP 302
https://twstat.412lala.com/stat

Request Chain 81

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1&google_push=ATf1kGOhG5g92uWUq5zqAAqxTDweAT4ZSqCo-7txT0jpTCS1P39acOweCNoxdjJf8gQrVl-I03snxWu5Z5MY0Ag58ahPAr2MwTHX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTI0OTE4Nzg4Mzg4MTU3MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1

Request Chain 83

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFwwPN91fF6flZgr39vaM_4&google_cver=1&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX3CQlQQV7cIlvwtaFS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX3CQlQQV7cIlvwtaFS&google_hm=DNJhizjsQcKC7yFZgem_aig

Request Chain 85

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_cver=1&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXLU4f4BbKGd8FqnTgX_KLonbCmhqvsg3miE3Mo2CVGaPW2syFVEjH3pDQqbGbavXx HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXLU4f4BbKGd8FqnTgX_KLonbCmhqvsg3miE3Mo2CVGaPW2syFVEjH3pDQqbGbavXx&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_hm=ZGODsjlTZ7z9KudqJTO84wAADKcAAAIB&google_nid=index&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXLU4f4BbKGd8FqnTgX_KLonbCmhqvsg3miE3Mo2CVGaPW2syFVEjH3pDQqbGbavXx

Request Chain 87

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEO0bsPDnlb0pncnoxk7BdWQ&google_cver=1&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0Cu6HOEbSI66gHHa2tErzLEJ2cv-Q HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEO0bsPDnlb0pncnoxk7BdWQ&google_cver=1&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0Cu6HOEbSI66gHHa2tErzLEJ2cv-Q&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sb1N1d0VORTJ1SDhLbm9wczdXRTd0X2o1bUJ2T3pjTH5B&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0Cu6HOEbSI66gHHa2tErzLEJ2cv-Q

Request Chain 103

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ-Eq8L3-f4CFRPkuwgdfn8NoQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

Request Chain 106

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1684243378_c6780821-f3ec-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09 Show response
tw.412lala.com/ 40 KB
10 KB 733ms
472ms Document
text/html 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b11c8818b72b697e38441048d3de17b2c8a7a1947c5235bd2831bf5d6f565c01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7c83eea9acd61cb5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 13:22:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGEx0U8pV3rRsJEuzSn3nv0%2FeMGNycILpwTxq8TdSAEtLahY9EFjuLBzJ7RPyzUYCXWZfxc2dtDSIihvN4btEzjUCVFYEShNbnnQV7XF9DJ9WwBGSBtHD5%2Bf%2Fqc4EaEpSzQ0wcK21h4Stl806w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 font.css
tw.412lala.com/Content/global/default/font/ 3 KB
939 B 215ms
213ms Stylesheet
text/css 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/global/default/font/font.css
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 12 May 2023 03:55:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0ac969b8584d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FffJZQ7W9a8dT1Yl5DQoLWBQbkmlSkLNGlXUB7646RpysZo3PAUTcW%2FjJVa9tonbGD5U%2F%2BVtyvakGTv%2FoiiVCJOWHyOTXm6V%2FKjwxUXj4wW5dXkVGI%2BSCTOU3k9Xa5rUJcQUW5Z6OfBvTrZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c83eeac99671cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css.css
tw.412lala.com/Content/global/default/ 23 KB
4 KB 394ms
393ms Stylesheet
text/css 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/global/default/css.css?v=31
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70a4b3c161d768b4f6f74eccd7b6149c684dfeaf056042b640d513c62ac2edf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 May 2023 09:16:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8065cfbd787d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdObGvK%2B%2FfTYKKUZbX3S1sqWeW2JM81T9iZrTZKGlaBJGHrjqYCNu3AcvwbHqQ00Y%2BxjQRrWHI0HNvja%2BIgWXzhXNd76Peb%2FwfGtvsV9AViiveTJHjDGZmnj3fyNH2mOuTQEWBHfsAIU%2F5iLSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c83eeaca96a1cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 globaldefault.css
tw.412lala.com/Content/css/ 362 B
518 B 395ms
393ms Stylesheet
text/css 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/css/globaldefault.css?v=1
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Apr 2023 08:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d2cd5385e56dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bez5kMh4nCYu%2FRGi9JEO0o7Zdxwy1hLgI%2Bl6wD%2FSxPBP5A686g09PLgsXqijOhU1i6GjiWNu%2B9ZLYimXadV4%2BtClLwxjrH4NMREVZ8rWG7RGF05WXvenmeLQpGDbTyJGSxOvZrPsU9Q5ucCxxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c83eeaca96c1cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 36ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://tw.412lala.com/
Origin: https://tw.412lala.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6642018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70bT8TrJG05K%2BA%2B8uXO3Swx7Ty7%2BaRLBXPgTlzpVl8R0Q%2Bff%2FHNi8KMIdhBk8Vl%2BZsKLqbSvcQnO%2F5tObTxYxDparFPe5HHiziQRNSmp6zjSJ47P6muxmECJwDc6%2Fi9Q4ifJUOwyNh%2B%2BHlfODc%2FIV5bo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c83eeacbade3671-FRA
expires: Sun, 05 May 2024 13:22:56 GMT

GET
H2 200 contents.css
tw.412lala.com/Content/css/ 7 KB
2 KB 530ms
529ms Stylesheet
text/css 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/css/contents.css
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:52:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0e8c02abd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iBGSmn%2FvO92fFc0RQCsMCJ7D3Bi5c8xgFpzWmEH1Noa3X6kwITW0NLp5c%2Fm8mFofr7tXl2S3ypyAQ7AfMlJDEUDFczy%2FsH7QpmS9Be0PVrEKStsGh50L7C9DPYBeh5iprR4kCPnY2qIMhjbrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c83eeaca96e1cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 openart.js Show response
tw.412lala.com/Content/js/ 86 B
420 B 419ms
418ms Script
application/javascript 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/js/openart.js
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8891fdbb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KilXBTSdfJoFQJnMzs5NVdd9ILQofdRowsYwWmIE%2BMfr74ZEdHYVzxKpe%2FK2GXvKeggDZ4uKe2c%2FrRZtWwXzqbGuAcLTvSP5IqVfljr9UjBIQHTnWkT5SBYlWq%2FsPbaIKKp43VlOOk0wm%2F3Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c83eeaca9711cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ckgd.css
tw.412lala.com/Content/css/ 2 KB
822 B 209ms
208ms Stylesheet
text/css 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/css/ckgd.css?v=1
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0fb02e7172e176e1c5f7c3dc2d3f833306722c39b54c04a37486405518ce61cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e953bcdfb65cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77Tsoi3IgSJ8XXpqIQ%2FDVGXbt6uxFkAppm1Ke4N%2FG%2Fi5qSggvZ6L1mZh1PjtoE%2FplQzuawe4MjcH6EvHAEJbssCzuFiJVeH2A8JQj1mQ3VC3xkGflV5TOZtvfBg3FauwFueZz3S01aeSVCon7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c83eeaca96f1cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 stat_vft.js Show response
tw.412lala.com/Content/js/ 642 B
741 B 532ms
531ms Script
application/javascript 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/js/stat_vft.js
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c1aa9165dc198b22913d95d9bd22c178bd53484e37714696dd3f4ed288b87663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 22 Mar 2023 12:52:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"39afa423bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2RbsW8S4nfwRsmq2tA3tDbS8r9ZyZM5VzCll7le1eTAMsg0SNxqnqlfhax26qiuh9XisMA1N4k%2BP622O0OIE9RQYVOvw0iU%2BiwZv4qjUJC4u6gMmPyuctoZOFKD7Jj6arJu7oGb%2B7DDTtSh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c83eeaca9721cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7DB5A6E93584.svg
store.412lala.com/logo/2023-05-10/ 7 KB
3 KB 211ms
24ms Image
image/svg+xml 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/logo/2023-05-10/7DB5A6E93584.svg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5d4b6e41bf03ebf0991f95f1676fdb5a7d06373eadaa52c9e3e6cbaa3e827cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18494
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 May 2023 07:11:20 GMT
server: cloudflare
etag: W/"05cbb9ee83d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhDrXX0d9MJi32cqoIDNnRRxWZZLz9PRF6GOQA1dwI7upwqyYCbOGhBnpw2njqh8QcuQI3vKCWfiHaQ0ddqenAmIDwANX2%2F6Z8d094y2Hv8TJHsSaPEi3l%2Bqk1IKAcJKuwY0iRX94nOG2X7yHM1h5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb128551cb5-FRA
expires: Tue, 23 May 2023 08:14:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 93ms
67ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5493243250542277

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98ac3e2ffd4d9ca5d1061fea861a0f56b7ab231b62decc816e39334fe05593a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Origin: https://tw.412lala.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47545
x-xss-protection: 0
server: cafe
etag: 6530570580486649152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:22:56 GMT

GET
H2 200 0FE36F9D5A87w641h854.jpeg
store.412lala.com/uploads/20230516/FE/ 66 KB
66 KB 242ms
55ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/FE/0FE36F9D5A87w641h854.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc0966d59e45b252a9669f8107bbc6c646b34d5114e4d4f62e8291ab6feca73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:28 GMT
server: cloudflare
etag: W/"2fddfe12d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txLaiG3llRKJDtV%2F5Xp%2BHARMHV%2BCHqB5svmLPHJcGiy08HI%2FEEDwiaa2Znm4DPEErjujZGuCGBFMD02UyJRLzIpdGqSLmBsjvczqbkNQpyxhibxKH4TtA646jo7INntWn%2BFJu3cATI3L2GZyHK6OMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb118501cb5-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 4131B99DB1A3w1282h830.jpeg
store.412lala.com/uploads/20230516/13/ 98 KB
99 KB 233ms
46ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/13/4131B99DB1A3w1282h830.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c3946a249ab0dc1e75b6b3f3a5f2c4673f64754f497836eee734493fb97a7e8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:31 GMT
server: cloudflare
etag: W/"1d8cb514d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6LUSqc30fP4i1sqRD55kXzUAvmTF9Xa88Q8YX4VABABC3zTthVgNybTP06w7e9Fq4xMwdIvose%2BWfcA2TgL5shuZDnDwW305cioqAoKPc6z4b4i%2BAu180qKh2a4Y6ICENPpIyINJ0orFgW%2BTpasNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb128521cb5-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 7D92CD19757Aw1282h1066.jpeg
store.412lala.com/uploads/20230516/D9/ 124 KB
125 KB 233ms
47ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/D9/7D92CD19757Aw1282h1066.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5aa7b4379fc582a3a66656f3a4ab51617abd11edce8efa13c629ae457931c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:31 GMT
server: cloudflare
etag: W/"a06ca214d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqNE6x0DmiqSeNw4%2B3V3Fe9EubrVcUaKYg21I8p6nf6RWMKfiZI%2Fkva0mz416wyKZgYYGIP1Q1dN%2FYE8Pr36KjUVNtCpesnLa1QXLkHyeQ3%2BeRBs2DtRcAGZY%2BIgCRp8aEIRvZllqNKenHoUGPkR7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb128561cb5-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 DB2321F5EC61w1364h1098.jpeg
store.412lala.com/uploads/20230516/B2/ 82 KB
82 KB 237ms
51ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/B2/DB2321F5EC61w1364h1098.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d62284cf97f146ba6f6b3b72e0a304a6ea6b8d61f93991e251ff8aaca6b948f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:31 GMT
server: cloudflare
etag: W/"d234a714d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LJHvidpHLURYr%2FtrasLupsqyDY2Oi9B6Z3E6BkPdDIo7jhhhLBkoClgfu1oHEkbdo1TYhB4HLh7QSn3ttqExDh3TMVz0z4wrcA%2FJAkc2fj4hO4ddtvYMUvMZlZO5XOvCmasseVaYZlxXIGVCWvLxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb128591cb5-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 227BA000F161w1280h1136.jpeg
store.412lala.com/uploads/20230516/27/ 106 KB
107 KB 234ms
49ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/27/227BA000F161w1280h1136.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fb22d5989483514639bcb64e60ff3c0dfd2aa1beabcab42b7a81ee15e4e162f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:31 GMT
server: cloudflare
etag: W/"a8e37914d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyFqpJpv51cG4dP1K3aJqsSzk2C5nHsy0PcSKsv8HncGgoCWm%2FYdCbiL%2BwiyyXdGl7qX9jMI81TbssWnMpfET0UDyj149ZosX0S0OoeF%2FwRPr9%2Fb7E4E9Ov8Xm8Fg1IX%2FNB4kyUo526rm%2FYkxX2bpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb1285e1cb5-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 4FE2973CE972w1026h1332.jpeg
store.412lala.com/uploads/20230516/FE/ 133 KB
133 KB 59ms
58ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/FE/4FE2973CE972w1026h1332.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 549a9331d524da3834460f2b710a5898763cfe9027fb3020846815693503a119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:31 GMT
server: cloudflare
etag: W/"18477c14d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXSOMNAWwCoWeGftWH4bNOj3fbQ9BcJPqQ6iI5HTViQ%2BiNEkfRgD1knqUfUMX79U%2BQ0m3KWlAeY6%2BFRS3A0hIYQU6d2UI1Q1CYt32qfqIV%2F19rTKtYYMUsjsgBYp6uOJ0ap5vXT8kz4XBsWk4ELUMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a559070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 EA2D6B3E30C5w1280h852.jpeg
store.412lala.com/uploads/20230516/A2/ 62 KB
63 KB 51ms
50ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/A2/EA2D6B3E30C5w1280h852.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6fddbe28d96c520b1c49d62ee24f786fd8926de121119af33f96fe61c45a7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:30 GMT
server: cloudflare
etag: W/"9574f14d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNRopZNoe0SP2z4VwHYXoVfqe%2B3WkrJgmy9LhKTLEhKCgrx12q73fRMWHdJnIxstqQJesGQAQ2A51wrhr6kxTCEVZcAZuDshNogjBbWwZ0Vk5ueZ9XYUnYWcRBR7pjrEtYHpby6APDFSBAVleXu%2F1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a569070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 40 KB
12 KB 39ms
10ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: b83654d665893a28a65ed6b06761d83ab5161d793e9aff3426a64aac5255312d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:58:56 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 21 Feb 2023 08:19:12 GMT
server: nginx/1.12.1 (Ubuntu)
age: 84240
etag: W/"63f47e80-a025"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12496
expires: Tue, 16 May 2023 13:58:56 GMT

GET
H2

200

ad Show response
popup.412lala.com/js/
Redirect Chain

https://tw.412lala.com/xstat/pop/4725273/1
https://popup.412lala.com/js/ad?lang=zh&aid=4725273&host=tw.412lala.com&type=1&count=0

0
476 B

416ms
388ms

Script
text/plain

2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.412lala.com/js/ad?lang=zh&aid=4725273&host=tw.412lala.com&type=1&count=0
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVFrgUpY1PXvzKUk9bdGUcEWRimpKYk1G5MIZc2rB%2B%2BYvwC7gxz%2B4zxwF%2BMagPNw%2BOggKBFokml%2B%2FYWaFKrvOMQzCMT56qv1CJrIZDQgOhpD7O3ucbzED6HOUdyiIC%2Fr3tKV7Y3c4WIqtdzhqn01dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 7c83eeb28a9e1cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

Redirect headers

date: Tue, 16 May 2023 13:22:57 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKL0RaAiwjevoIWk7TAeXD1NPgaQamKnJca%2FMwoJ9bzJPPssMT6geBkJvC%2BswkgWRUsOreoWo3IUnXsZPxm%2Bty7JqzDnXoI2uiJ1TsYhn430SDEKyaxrt0lLOjgYlhfIuh%2FrF%2BmTQDOBufsvOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.412lala.com/js/ad?lang=zh&aid=4725273&host=tw.412lala.com&type=1&count=0
cache-control: private
cf-ray: 7c83eeaff8689070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9AAA801E61EAw640h908.jpeg
store.412lala.com/uploads/20230516/AA/ 58 KB
58 KB 78ms
77ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/AA/9AAA801E61EAw640h908.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 405d2f4ef4bbbad3c4b1d4a988c0956eb3eaf28ef2a15e28e95ece2387605e47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 10:08:41 GMT
server: cloudflare
etag: W/"93af64de87d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqF6Z%2FDerk5IKQuDnx%2FRtjk0IHHUsQPU33CL5yDM7Z1sHRP1LLoQl3ZyEmoDbbG4unoqHlhAKdam7XsSSyMZGfhR9L%2BE%2BvvakTY0OTGyRVhFgAzC84Lx%2BxE4EzEbhavnl7RyUFtrBiJe%2F5AQQfk2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a589070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 8123C978F9DFw640h379.jpeg
store.412lala.com/uploads/20230516/12/ 26 KB
27 KB 44ms
42ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/12/8123C978F9DFw640h379.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: efa508afba0a7bc4e5328f693865d12664e98b4997138d040404a9bbdc251d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:49:30 GMT
server: cloudflare
etag: W/"1cf11db6db87d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozTqJWH2IudQWNpj9QCq0MOLENYUGlZ1Hy1rzyfUygku9rIKo5wla%2BWi7Vjsjpw3%2BTvBGR%2F8IBmv5pxbHZ8RrXiiJiX88LrcLJedspnennFLOGgwGbrQnOC1k71UW3kz8buABCeWntlERvJ8MDs0Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a599070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 26CCE4AF687Dw640h853.jpeg
store.412lala.com/uploads/20230516/6C/ 73 KB
74 KB 80ms
78ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/6C/26CCE4AF687Dw640h853.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b34769a864eca705c0941f3ce23fc92c552ac8c8e4b076714b773c848bbf5344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:39:30 GMT
server: cloudflare
etag: W/"2db9a550da87d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uiE95YBCq%2FhTNG1TsijhElObx1tVuBwGUF7i%2FcYolC6GUG81U6RZEIbugqEuW2f5k6dyN1yH7G0XxvUc6Thh%2FgS3OzRM0clYz3vO5mlG8vqOGENYp5gWkF7ZYN8QrmlllKByDT4%2B5IxZwZFi8oOLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a5a9070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 E80873A456CEw640h737.jpeg
store.412lala.com/uploads/20230516/80/ 90 KB
90 KB 86ms
85ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/80/E80873A456CEw640h737.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 96b7d26d78654c2fca6926443b38192a298f0cae7a2f3963322e3c405fef14f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:38:46 GMT
server: cloudflare
etag: W/"f9ea6036da87d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEjHPOr86UXLcR1B6RMGDlwGZ7yGt2q4M8NRk5lYpPZD8EpEPFG4DhUIRZw%2B5SVhTS1uqvtjP5FSduxcaYHkSZ1JSrE7j01uCh91pGsdLWmeHt1T%2FVjPbEm93kmxS67NkgX9OU%2B%2FjNAOArYKOj9Ocg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a5b9070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 4e660001697f6f473130
p3-sign.toutiaoimg.com/large/ 40 KB
41 KB 481ms
12ms Image
image/jpeg 163.181.56.172
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3-sign.toutiaoimg.com/large/4e660001697f6f473130?_iz=58558&from=article.pc_detail&x-expires=1684834440&x-signature=JOIB7dYuOJjTIX7%2B6OWgh1CmmIs%3D
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.56.172 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 0440cace71784e2f7c91f05cbdc512a3a999b7726a4f76b057ec0c1ea975fa64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 09:50:12 GMT
via: n204-100-074, cache10.l2de2[0,0,200-0,H], cache11.l2de2[1,0], ens-cache4.de4[0,0,200-0,H], ens-cache8.de4[3,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 12765
nw-session-id: 20230516105135E8E4B821E33932082CCE72hmx02tt
x-powered-by: ImageX
x-swift-cachetime: 31528080
x-cache: HIT TCP_HIT dirn:9:262902863
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=6
x-kfc-cachekey: http://06u8qzhnfz/large/4e660001697f6f473130
x-length: 40551
x-swift-savetime: Tue, 16 May 2023 12:02:12 GMT
content-length: 40551
last-modified: Tue, 16 May 2023 02:51:35 GMT
server: Tengine
x-tt-logid: 20230516105135E8E4B821E33932082CCE
x-response-date: Tue, 16 May 2023 10:51:35 GMT
ali-swift-global-savetime: 1684230612
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2023-05-16T10:51:35.510135261+08:00 53
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:27:105::35
x-response-cinfo: fdbd:dc01:27:105::35
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
timing-allow-origin: *
x-tt-trace-host: 0161939927d09456711ea8d6a802e7c0d5790de6f5f2e20e52b3ec54dfc3c27dca076405e036003ec51e3d219076ee9d29323ff35c3db89b160ce36aef1bef1ea5fef9bec765b2230ea72eaa7d995547f4
eagleid: 2ff62b2016842433770784685e

GET
H3 200 C64FDE1A77BFw640h1078.jpeg
store.412lala.com/uploads/20230516/64/ 48 KB
48 KB 88ms
86ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/64/C64FDE1A77BFw640h1078.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bda9ab3bd0d301eba15650a51bba166b3a7dcd9fe85ace36c14ea1ddce9a07e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:28:01 GMT
server: cloudflare
etag: W/"3eedf7b5d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUEnHSP0XwkmjO71ZHrpULWDgx52qbBcm93cNQiPyUskIFmIol%2Bq4ufG5PSDf8KyIdGFMYrNCWs0vT3i%2FNxUdSx%2F2pBBHaxpRBJXTy8Xm%2BHldWZftVClR7ZI6fohQ4p2QNZ9Pib7T3tigcsbs2d93w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a5c9070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 0
mmbiz.qpic.cn/sz_mmbiz_jpg/FRgqfjwW3DCWiaeYzlIeicocoxg6YBrc5fbmHrTzAicUvwnv65YzgjBgF3mnSia0u802AW58M5fZLia8yJl94nfwrcQ/ 57 KB
57 KB 1189ms
201ms Image
image/jpeg 119.28.164.221
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mmbiz.qpic.cn/sz_mmbiz_jpg/FRgqfjwW3DCWiaeYzlIeicocoxg6YBrc5fbmHrTzAicUvwnv65YzgjBgF3mnSia0u802AW58M5fZLia8yJl94nfwrcQ/0?wx_fmt=jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.28.164.221 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 34c497ed9c2dc600dfb20003d3d9b9d70d85897eb678bdadff1c849f4d7d0dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
x-cache-lookup: Hit From Disktank3
last-modified: Fri, 10 Feb 2023 03:48:47 GMT
server: NWSs
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2500000
x-nws-log-uuid: 60f2c4b2-c2ec-43b8-a03a-ffd66a0ae0c0
content-length: 57868
expires: Wed, 14 Jun 2023 11:49:37 GMT

GET
H3 200 B7AC55F3162Bw640h853.jpeg
store.412lala.com/uploads/20230516/7A/ 69 KB
69 KB 89ms
87ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/7A/B7AC55F3162Bw640h853.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1d701ba92ebdc858c2ae3e61169775bf866289ff1f16c73fdc38103b4959dfd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:23:30 GMT
server: cloudflare
etag: W/"eb56014d887d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkHkf8ln7SkHiWCY8GKtQuV7x1t7DewJbAcyIAbvAoSoPmhOLMni8yl2edXUudtwQeo2M61ag2D0%2FD9DRyx4lCqFMsR0nCHBIdjVhlrJVUcB9E2k27a5srR6HHPWD7B%2B7NuEJTnkqJtdA%2BRalLFZ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a5d9070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H3 200 9E99C3D22A2Ew640h427.jpeg
store.412lala.com/uploads/20230516/E9/ 40 KB
40 KB 92ms
90ms Image
image/jpeg 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.412lala.com/uploads/20230516/E9/9E99C3D22A2Ew640h427.jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cb81eaa4f9bea65dde2ec8f2537d2dc419628bbb610a15c4ca04d9bb235e2e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 May 2023 09:21:10 GMT
server: cloudflare
etag: W/"b1f1fdc0d787d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfsnIDcZkaWs5jDPcFNQc6w%2B%2Bx1j1a%2FZPOVz116aMFYuemQUVCxUs4GREN1ati3c5CbqkpWbPzHVPIdHiXgOliNU3tTW1aVAdPsBPAU0sJVYRgA8Tql4pO9Tufuje0HEndEcVCKeDn8Eni5t62Hj8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7c83eeb14a5e9070-FRA
expires: Tue, 23 May 2023 13:22:56 GMT

GET
H2 200 0
mmbiz.qpic.cn/sz_mmbiz_jpg/FRgqfjwW3DCic9O7W75CeibhxBr6sjZM0xibsy5AOKgicUtlfz4lwGGDWGwrLaJyLibBsQ6WWj9USvE19t93ibhkQEqQ/ 2 KB
2 KB 1149ms
200ms Image
image/jpeg 119.28.164.221
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mmbiz.qpic.cn/sz_mmbiz_jpg/FRgqfjwW3DCic9O7W75CeibhxBr6sjZM0xibsy5AOKgicUtlfz4lwGGDWGwrLaJyLibBsQ6WWj9USvE19t93ibhkQEqQ/0?wx_fmt=jpeg
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.28.164.221 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWSs /
Resource Hash: e24d1abdb4f0d7cd7c359dcd439c3ade4030701c19a2acb21f8a2acf6292d38d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-cache-lookup: Hit From Disktank3 Gz
last-modified: Thu, 01 Dec 2022 01:37:09 GMT
server: NWSs
vary: Origin
content-type: image/jpeg
cache-control: max-age=2500000
x-nws-log-uuid: f69ddd2f-a7b1-4c6c-b31f-ec3d32e79327
content-length: 1660
expires: Wed, 14 Jun 2023 11:49:37 GMT

GET
H2

200

/ Show response
count.412lala.com/
Redirect Chain

https://tw.412lala.com/xstat/index/3633
https://count.412lala.com/?3633

7 KB
2 KB

414ms
390ms

Script
text/javascript

2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.412lala.com/?3633
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ccf4cca32dff33d86303ed9be7ee4d736f7737cf17fa3c14cf2ce5e2ec121c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihzV%2Ffo9TJpJTWSr0OdFwzR7vkcBvZsOLdiaZIZ62NAtBMggKvrsnGdKRcMip5a4TFZZQ0jcmGyLIa4bnTezWDWNzxK0upo0yrgawUQ9NyzN5S7pqkyqHTj2oZQD72I3RJEXLl5J6fLDKiAizasmGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7c83eeb28aa21cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 16 May 2023 13:27:57 GMT

Redirect headers

date: Tue, 16 May 2023 13:22:57 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FB8Wez6h9ttX5evgYQ21egpsvFvY8bhY5%2Byh4%2BHckPBjkGWhk3yqcwEXfZANwZN5cOPSidHrb8ZVBkcyIoFX2tuOt0jBjtUM1TRFSfMykdGvZSMul3enRMeJAcgGPeV25GamBKEFkX2AEnUBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.412lala.com?3633
cache-control: private
cf-ray: 7c83eeaff86b9070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

stat Show response
twstat.412lala.com/
Redirect Chain

https://tw.412lala.com/xstat/moneystat
https://twstat.412lala.com/stat

1 KB
868 B

571ms
392ms

Script
text/html

2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.412lala.com/stat
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2355ddc8bc242f7c7f160c3c6d29285fbcb3ff81a4450dfc19d62f413d204757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfmFYAA7iGuS2TkS2qzRMrqEnARhXbV3B67wX6pqyxq2mcaYsc%2FW%2B6WSzvLnxE6MOdazMuQ0Sc%2FqzL9juYB6EkpgHfyZkaeHOPB7voCfgRcCuiKmZn5TPOV6YwC3b5q8ZgBuXpUGBX1guXOGu22cDbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7c83eeb3ac891cb5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 16 May 2023 13:22:57 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhsXWnoxTZQxdAhwoZwmO7Av%2BSjIzo8Dduxnpch9EdqvOsCMbFu%2BTW4V%2F9XJYmQCoeU%2BX%2BsO5SYc4YzfRqnZHVjomE3cZZYlc8w3yNa%2FwovzvMp%2Fe6hqNAdwC07JeK3uhQ2oixYAUuBFrDWAUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.412lala.com/stat
cache-control: private
cf-ray: 7c83eeaff8719070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
tw.412lala.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
9ms Script
application/javascript 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.412lala.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 12:05:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645e2b95-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdyRJz207G9ckawzTxzI9MTwusieDvOBd%2Fp5D9mMBtIJ%2FzL0%2FA8mQh1XQgy1D8PbmMrOWh8JfOR8rHoh%2BiXfNOReuFFmwpg%2FtobVpqon20%2B2Z8GFAm3SqoKgvy%2F8zvfYNhgvUxDrvImoRFdb8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c83eeaff8749070-FRA
expires: Thu, 18 May 2023 13:22:56 GMT

GET
H3 200 top.png
tw.412lala.com/Content/images/ 2 KB
2 KB 220ms
218ms Image
image/png 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tw.412lala.com/Content/images/top.png?v=3
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:56 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Mar 2023 12:52:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "73bad625bd5cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROHMq4Nc9aNGrOEktaMQBHbfgQNWu9UGCXwWGrFrIPExj%2B93JNhDiGJrLj%2FxcfiLJ%2BKjY5AlruDG7KcTJQcm9UP6qGKXxkBSqjWVZFi9f2klKRUMvUFWqJvlLDY7Tqcr2axePysEcNwMsnUC7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c83eeaff8779070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1810

GET
H3 200 globaldefault.js Show response
tw.412lala.com/Content/js/ 2 KB
1 KB 410ms
405ms Script
application/javascript 2606:4700:3036::6815:30ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.412lala.com/Content/js/globaldefault.js
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:30ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 06 Apr 2023 08:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3cdfaf4e5f68d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1PDiBBLmausP3mVrJF78S9u4I5YxSRr1TdjX7AXUbxpXkq6JpEfnPs566YSwsIdbtJ5a6Y1q1S3rfTxdCS2Fl3zOUwPBjnInIuMNeAm2zE9yu3dwJT2R8J74%2BjxbicoRzmkiKJUVu%2BsJ9RNTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c83eeaff8769070-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 99 KB
38 KB 80ms
12ms Script
application/javascript 95.100.64.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.64.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-64-43.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 0cdcfede78c5e49c27aea1dd28c8d4385b38c2e655f4559b37d8add483284037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: JFPFyFLl.RGtuvfTrGvcz0g_GJOYd.nn
content-encoding: gzip
date: Tue, 16 May 2023 13:22:56 GMT
last-modified: Sun, 14 May 2023 23:17:52 GMT
server: nginx/1.20.0
x-amz-request-id: EXZQD1M7JFHPSXCV
etag: "078110dcadb96c45e759dfee3a7279e2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=51540
accept-ranges: bytes
content-length: 38008
x-amz-id-2: OgWHq3XwDh4dnj7nvUCUiBWHFD0C0FQSyenSmQBOYGNH80pS51PfbgqhqSvGdTRcmYFDr2x3kZg=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 77 KB
17 KB 1199ms
480ms Script
text/javascript 3.114.156.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.156.25 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-156-25.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1d7de11123db1b414226bcf2104dd5e93d15e41c1e4dad060ed5d7f9e0bd4c59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 405ms
83ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5493243250542277&plah=tw.412lala.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5493243250542277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3434def557a755588f2ed233f461e4a01498887a0385000d13f07f55318eb85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122682
x-xss-protection: 0
server: cafe
etag: 7025012932310508644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:22:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame FA95 10 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5493243250542277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 10:44:58 GMT
etag: 15057649708203361565
expires: Tue, 30 May 2023 10:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 868 B
1 KB 745ms
246ms Script
text/javascript 3.35.88.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.35.88.48 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-88-48.ap-northeast-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

457425bf82dff89eacfdff50698cc0151d956e95bfcbced37de2f908317e9676

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-decorator-operation: reco-api-svc-0-stable.reco-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"364-2kyGjhdIchIybcXzCo/7ZeNhnFg"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 6

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 43ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tw.412lala.com&callback=_gfp_s_&client=ca-pub-5493243250542277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5493243250542277&plah=tw.412lala.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4d43923b7a9bc9ccecee3de6f26dbaa5e51a0f80ea9b27e48bc79e6be254c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 43ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tw.412lala.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 44ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tw.412lala.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 111ms
110ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=headling_top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F93 11 KB
5 KB 584ms
583ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&adk=1812271804&adf=3025194257&lmt=1684243377&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376751&bpp=3&bdt=653&idt=504&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8708239469867&frm=20&pv=2&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=523

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855597b0640cdb47661056d772752276d02d334a7d0565d9d4805e251a5696c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Tue, 16 May 2023 13:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E40 430 B
406 B 344ms
341ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=876248978&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376754&bpp=2&bdt=655&idt=525&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=bzL1tJV7QH&p=https%3A//tw.412lala.com&dtd=529

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f672d0cc18b0b22be14db190dc796919838a0507baff1e46a5390f0b8584488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Tue, 16 May 2023 13:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BDA 430 B
230 B 528ms
527ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=2399512518&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376756&bpp=1&bdt=658&idt=530&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hHNYMh8gkV&p=https%3A//tw.412lala.com&dtd=535

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bbcdcf7e00808771a3383138c715a133bf1628e227f4f9218cb6f4f7d6b6911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Tue, 16 May 2023 13:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6004 430 B
230 B 350ms
349ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5493243250542277&output=html&h=280&slotname=2774054064&adk=2135023891&adf=2713295843&pi=t.ma~as.2774054064&w=890&fwrn=4&fwrnh=100&lmt=1684243377&rafmt=1&format=890x280&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684243376757&bpp=1&bdt=658&idt=538&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C890x280%2C890x280&nras=1&correlator=8708239469867&frm=20&pv=1&ga_vid=889384693.1684243377&ga_sid=1684243377&ga_hid=1672975432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3849&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C44773810%2C44788442%2C44789923%2C44789818&oid=2&pvsid=3434753503888632&tmod=1555918484&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5iRSseGIGF&p=https%3A//tw.412lala.com&dtd=541

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84abd4e542eeccba1e7b2bc9a27d137185c0a394bb4599b534c32e6ed4ca5b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Tue, 16 May 2023 13:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 877ms
207ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=a58d565f-b259-620a-bf56-2bf03596da65&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&referrer=&rd=0.3024241271030559&sid=3633&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 13:22:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame 74C5 428 B
501 B 326ms
326ms Document
text/html 3.35.88.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=06d0268e-0457-45b3-bbfb-edcc10d2eab0&id=dablewidget_goP0dJoQ&category1=%E9%85%B7%E8%BB%8A&author=0&ad_params=%7B%7D&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.35.88.48 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-88-48.ap-northeast-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: a32c9ce3e306d639c25da81aa1278a5e047b8f67b02926f469c7581b3d6e21a8

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 13:22:57 GMT
server: istio-envoy
x-envoy-decorator-operation: reco-api-svc-0-stable.reco-api.svc.cluster.local:80/*
x-envoy-upstream-service-time: 85

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2779 74 KB
25 KB 102ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54525f5cdb74371043d93732ea74a770b957142ca8b3f877039cb23afe75751a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25291
x-xss-protection: 0
server: cafe
etag: 390 / 19493 / m202305090101 / config-hash: 14293715167463316945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 13:22:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 2779 402 KB
124 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 12:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3243
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 15 May 2024 12:28:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 2779 93 B
96 B 60ms
44ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tw.412lala.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e28b24c75c23f579daeb34aff12cf091e2f10ba159174f1847116f443fe90955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
expires: Tue, 16 May 2023 13:22:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2779 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tw.412lala.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2779 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tw.412lala.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2779 35 KB
13 KB 248ms
248ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1296405106341079&correlator=1227188343986556&eid=31074538%2C31074604&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=3507171008&sfv=1-0-40&sc=1&cookie=ID%3D4dc6cb054e4f83e9-2296f274d6dd0098%3AT%3D1684243377%3ART%3D1684243377%3AS%3DALNI_MbGegCumDTytYPdOTn4umGI7XOGew&gpic=UID%3D00000c16e70d1264%3AT%3D1684243377%3ART%3D1684243377%3AS%3DALNI_MZWFOUVlsbxIJzsmtc6LQA5B39psA&abxe=1&dt=1684243377827&lmt=1684243377&dlt=1684243377633&idt=157&adxs=632&adys=8266&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=dqdeutjmexjb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&top=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&frm=23&vis=1&psz=336x280&msz=336x-1&fws=256&ohw=0&ea=0&ga_vid=773978214.1684243378&ga_sid=1684243378&ga_hid=1165362967&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5287e2fc72b89099c4503330a40c72419a7dc127c1765452b83d0738a82c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13446
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tw.412lala.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2779 15 KB
11 KB 64ms
64ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28bf0ac8f80ce5e05e72967a988a62fa2054635bcdcc87f785e497c7cdaccd60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11402
x-xss-protection: 0

GET
H2 200 container.html Show response
209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A34 6 KB
3 KB 69ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Wed, 15 May 2024 13:22:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 74C5 94 KB
33 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=06d0268e-0457-45b3-bbfb-edcc10d2eab0&id=dablewidget_goP0dJoQ&category1=%E9%85%B7%E8%BB%8A&author=0&ad_params=%7B%7D&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 11:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 May 2024 11:52:40 GMT

GET
H2 200 ba-postmessage.min.js Show response
static.dable.io/static/js/lib/ Frame 74C5 2 KB
1 KB 81ms
81ms Script
application/javascript 95.100.64.43
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/js/lib/ba-postmessage.min.js
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=06d0268e-0457-45b3-bbfb-edcc10d2eab0&id=dablewidget_goP0dJoQ&category1=%E9%85%B7%E8%BB%8A&author=0&ad_params=%7B%7D&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.64.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-64-43.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: b6051f7c61b88ac61b1e92d8c8e649ccc98de87446475bca7358d4172b8a6a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: HWnYpjuJrU4MkpUvgXRVg.VWXBKx8DnJ
content-encoding: gzip
date: Tue, 16 May 2023 13:22:57 GMT
last-modified: Tue, 14 Jun 2022 02:19:11 GMT
server: nginx/1.20.0
x-amz-request-id: WSX7K07EMP4X1S1K
etag: "6abc35a9c6ce21cfa3d20eefd8af8132"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 806
x-amz-id-2: cbJO3R81YbSACg4/zBfT5vMw28QAeG3mykG2yK8TslAV5oAmLubET0jjbqx5eVYaSrGwG//4AVc=

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 71ms
7ms Script
text/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 13:22:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 542ms
262ms Script
text/plain 65.9.95.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY4NDI0MzM3N18xNjg0MjQzMzc3XzNhMzBiNjU3YTM3Zg%3D%3D&url=https%3A%2F%2Ftw.412lala.com%2Fdoc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-15.prg50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 13:22:58 GMT
Via: 1.1 c76f57c516237f120f723cde4dab446e.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: PRG50-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: _HbmwsV1wcAhshPPgyLHRFS4u2rNxSNcDzi7fiwsVCLGXXpueoy3LQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2779 17 KB
7 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 13:22:57 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5211 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:08:41 GMT
expires: Wed, 15 May 2024 13:08:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35A3 783 B
1 KB 46ms
22ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b60eb06cae29888355f4eaa0e763d968a84bd7b97aa3af1dda4898afc87fee6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jAQmnRwBXDd4lXFRNEZYlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-jAQmnRwBXDd4lXFRNEZYlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Tue, 16 May 2023 13:22:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:620a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Tue, 16 May 2023 13:22:57 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5211 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 10:27:17 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
182 B 281ms
243ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H0JBMVSTRMF23RN2A76R5WBA
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://tw.412lala.com
date: Tue, 16 May 2023 13:22:58 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35A3 0
0 109ms
108ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=1296405106341079&rc=
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5211 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GzJGaQ
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8FBC 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:57 GMT
expires: Wed, 15 May 2024 13:22:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1C62 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF5fnsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEogJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGJkvb_bU8RORuu1dYQSd1ELeZVcUkeLNmo80oD-dZx3JLhU76WMGuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItODc5ODc2NTg3MDMyOTg4NRjt8YIB&sigh=VhsO2NC6UDU&uach_m=[UACH]&cid=CAQSOwBygQiD88EM55apP7WsxVy12stbcHKbSwMtyxvefd5kQmnfxr0sbQCaZFPFVWv7WdUTvawfSUekWqr1GAE
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1C62 0
0 42ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k0drkztk6kffavkqhz7z07kht94v9txab7nfp2xagzamzbdxv8cdf5y2k99hrpt0bs8axnxajz8nz8wew8ba360zdacshp5zmp739p26qt7s60h7x4527mhsp1zk5pj827htk6b84tgy26rdt5daqw8qyc7b1bekybmxmx46py3xbmjwhybfr2vs2debnjr29j2xwht4nz5qf7tzt4nn0swcybqbn8mqbjx01xg3q93asyqxc4f4k37d68fhhnes7pmf8edz3sc6440pwaga47n5rq6p96yycdg974v6f4frnpfmk6waqedpe41j2rwwtkc1pppt7ew4sxx917qkbwk3ky4qynz9ykgee25fpkbbes6w5by77fhhz3nk3hqdpaxym6jh9yfaj8&b=ZGODsQANhKQIu8avAAFEXa2RsOiJ-38ilm5RDw
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 May 2023 13:22:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A5ED 2 KB
3 KB 56ms
28ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81767977865f2d3d635f29a3f3f2dd0479dcd756cdbec7c65c65ad7b588b31a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c83eeb97bb68fe0-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 1C62 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/window_focus_fy2021.js

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:07:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 May 2023 10:07:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 123B 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 15:17:48 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 15:17:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/ Frame 1C62 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230511/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 21:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
server: cafe
etag: 5156626137554315251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 21:14:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C62 0
0 17ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQxsxFLMBOPdA9t30qEPk6oMch_iLP8tge7pbiHhIBQ5MLndWvfgtspAC4gUWAsQwcDtfDF5oCJ-pforpIXPPosyYsM7A
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1C62 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 May 2024 09:20:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C62 170 KB
53 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 13:22:58 GMT

GET
DATA 200
OK truncated
/ Frame 1C62 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0519de0fe535695ef7c7f4c43bb6db55065b96f13aff2c6308a83e1270189fc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 123B
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1&google_push=ATf1kGOhG5g92uWUq5zqAAqxTDweAT4ZSqCo-7txT0jpTCS1P39acOweCNoxdjJf8gQrVl-I03snxWu5Z5MY0Ag58ahPAr2MwTHX
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzc4NTI0OTE4Nzg4Mzg4MTU3MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1

43 B
398 B

16ms
15ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJVSDE-YxL1mUjTwUAoqk7M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 123B 35 B
464 B 41ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHnvDCGl-VTetGtLai4GpbI&google_cver=1&google_push=ATf1kGPAVevPUAQh-T7KYoRTb7UkwChuyQgkjeOkb0C2WgWWkei1dsynFJ4Ewg8lqypb8F7dhvL-wUpSlIDZSPOlvBzmsGDxFs47

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 123B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFwwPN91fF6flZgr39vaM_4&google_cver=1&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX3CQlQQV7cIlvwtaFS&google_hm=DNJhizjsQcKC7yFZgem_aig

170 B
329 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX3CQlQQV7cIlvwtaFS&google_hm=DNJhizjsQcKC7yFZgem_aig

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPS1eUerDlLV_o-KrvIonwlAb5oPM36N1ypZGJGIIpSmiFf71d0GafmoiT9Pim79mzCMAdcteetbyX3CQlQQV7cIlvwtaFS&google_hm=DNJhizjsQcKC7yFZgem_aig
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 123B 43 B
363 B 51ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEL-Ye6XECcSaHELfeo7wUKw&google_cver=1&google_push=ATf1kGOkxB1zbNtRb-1aabGcO-UmXK4NK504HSQcY3PLRSNR5d98-_d6J0h5YxjkFO1WnXQbKHQrBVD72wQsjPdpKVBLZ-7G3gPX

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 263562
expires: Tue, 16 May 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 123B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_hm=ZGODsjlTZ7z9KudqJTO84wAADKcAAAIB&google_nid=index&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXL...

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_hm=ZGODsjlTZ7z9KudqJTO84wAADKcAAAIB&google_nid=index&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXLU4f4BbKGd8FqnTgX_KLonbCmhqvsg3miE3Mo2CVGaPW2syFVEjH3pDQqbGbavXx

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2023 13:22:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDB0YxGRAMcJDAa88OwwCc8&google_hm=ZGODsjlTZ7z9KudqJTO84wAADKcAAAIB&google_nid=index&google_push=ATf1kGNeUIxzHDzCBZo25oC2yFgd1Cl2AgKXLU4f4BbKGd8FqnTgX_KLonbCmhqvsg3miE3Mo2CVGaPW2syFVEjH3pDQqbGbavXx
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 123B 0
45 B 154ms
20ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECjt3H0tRiZJ0CurtcAhfKQ&google_cver=1&google_push=ATf1kGOTxqijRxsKycQadr_1jOINlNmvWkZCjYU6bsmidKebthpRhHYkUVQPl0mfUHIqHsueVrJD1Kh0EBWTxV6zvJBzmTLepmE_
Requested by: Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 123B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEO0bsPDnlb0pncnoxk7BdWQ&google_cver=1&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEO0bsPDnlb0pncnoxk7BdWQ&google_cver=1&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sb1N1d0VORTJ1SDhLbm9wczdXRTd0X2o1bUJ2T3pjTH5B&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYm...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sb1N1d0VORTJ1SDhLbm9wczdXRTd0X2o1bUJ2T3pjTH5B&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0Cu6HOEbSI66gHHa2tErzLEJ2cv-Q

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 13:22:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sb1N1d0VORTJ1SDhLbm9wczdXRTd0X2o1bUJ2T3pjTH5B&google_push=ATf1kGOVE02FSNhyNyQGJumNbFTIsax-u09GPca1fv0rYXlSVt9p71UYmjPW1h7_AdMwY5tLi0Cu6HOEbSI66gHHa2tErzLEJ2cv-Q
date: Tue, 16 May 2023 13:22:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 123B 0
130 B 48ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0qFshbSxZFnq7s3Wtn3atQVbDop6cIIYjPmepOp5qUtrJBrhra3pnKX3Q5H-mMlCciuoAEA

Requested by

Host: 209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
URL: https://209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame A5ED 103 KB
13 KB 20ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 683022
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1K7fGpDpVfrgAEdttXfKfiQ%2FB9nhrk4HKoFCjg7srNKeZtcVnS%2BhCoorVOl1wmFIPr8KBdmOBfZlImMLkExR%2BLUrMTjBfwX67XF0ARkUvFZY2CJy0xfb9NWY%2F53PE8BaA8HK3kv03kQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c83eeb9bbe78fe0-FRA
expires: Tue, 16 May 2023 14:22:58 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A5ED 25 KB
10 KB 35ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 13:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 499570
etag: W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGjU1XR8eGnPdGbOc0epBVMq4ubAcMqqkmU6UBBq2S9B5xXMRP00JJX5jDa6ZsbdUKF7OLK0uwflDhHrAxIqKrh1DVDyxAzshsj7z4cGqVU69NCIly2hcjtlM0Ds16QgAdvk8aY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7c83eeb9cc0b8fe0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 13:46:06 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A5ED 3 KB
4 KB 61ms
20ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3197
x-guploader-uploadid: ADPycduTog6A2JPifmWwDYui9vUCCU5W1ZNEVFDzlBRMT9l9xNdgptaa0KpBuLLbjaWfVX7sXot7cGI-Oc2HEQNQ3r-JUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktL6wd7zBdSRizpNkeXmADqOWcyFN16FiU0Sjqn%2B%2Bk1QhHxVtS9frQLZQ25ntv%2FbWMCG%2FG%2BgoukOy2aUWAZzEMmFXftSAJlDkfuYQH14GpfA8wwzxK7F2Y00oanuZ2%2BUGbf%2B2PNzdpERFdLLmcvPTZB1"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7c83eeba5d919177-FRA
expires: Tue, 16 May 2023 12:30:30 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9C60 2 KB
1 KB 32ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 469600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7c83eeba2c299a24-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 13:22:58 GMT
expires: Mon, 08 May 2023 00:16:30 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJzArZefS4yfdzn3rWw6ZSbT46b7RRqPMPv9au2yRlRfJnUmdiGXkJ6Nxelw18sSziXvdBFxSfTm%2BwVc7XrQjmxjRF1JJRi9rnAXgCkPb6EYmrzc7YScb4vwYSpCfIxLj85IQWg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 50ms
37ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c83eeba79239bee-FRA
content-length: 24
content-type: text/plain
date: Tue, 16 May 2023 13:22:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBxQIFL%2Fik0VrE7PjgVQO0wUcWArahLvB3LQGR42yaL4%2BdUQWELEbELGIiOzdO7sSQ7mjGccYPvohlLAcfIptYs99QA7qMgB58YBLumF2H7cVUqiC%2B7VaPuo%2BrPSR9sV8bq2Dks%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0pxx

POST
H3 200 rs Show response
ad4m.at/ Frame A5ED 2 KB
2 KB 43ms
42ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1ccc3d9c9ae963f8cb4b4de5a2287ec40168beb3bb2849bf56f3f86d812931

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymYtBPyjDY1ztVrQBcwzchlJ3vlIGK9G5tLNXj7DcnoLlLeT%2FCmMo44666uIF4WEGvMMlGuh84bU4zaP20MS5iDRJXh19f18jNmVKEZCuqy9%2BCu0kAB%2BFo4BFYNhy%2FTjdvw9WiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7c83eebac96a9bee-FRA
x-backend-server: aa-reachservice-group-europe-west1-0pxx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame D997 495 B
666 B 749ms
242ms Document
text/html 54.249.242.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.242.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Tue, 16 May 2023 13:22:59 GMT
etag: "64630899-1ef"
last-modified: Tue, 16 May 2023 04:37:45 GMT
server: nginx

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 359A 9 KB
4 KB 34ms
34ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9432e6b6859fd4666fd102996c66906b327696e889fadb3e56a3c47ac913ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c83eebb0d679a24-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:58 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 359A 103 KB
13 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1683559916
age: 683022
cf-polished: origSize=105839
x-guploader-uploadid: ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 15:32:28 GMT
server: cloudflare
etag: W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary: Accept-Encoding
x-goog-generation: 1683559948253618
content-type: text/css
x-goog-hash: crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZVnEH2hZXI%2F4t%2BNyaUdnPR7JRBBTQ8Yhgt2M%2FJduAhXegFrPNM6DVwXrqBIZ8R798smXzcPFFZ2s44UaU%2BqrC9ccBSIBAHO1XXqqTYaKztj1qoMozsONHc4OVtL8JN%2Ff5y1EEz27lI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 105839
cf-ray: 7c83eebb4db09a24-FRA
expires: Tue, 16 May 2023 14:22:58 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 359A 2 KB
3 KB 50ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 491583
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0RRpcPbPD%2FqK%2FbDmKOP8VCS3OagEl2qkT1zUkojyUFVPrHDMu2nykDBV7lBpdnqSnxxdemLVPw%2BhP%2BfgAcXYpIWxD9l1M1304JBiPP2nT1wVRApT%2BIyXROGBBlft%2F9apKdOKfTZn%2FM81G03"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d9b8fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 359A 339 KB
340 KB 47ms
30ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152610
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7FNWrfecjIoykPjMeobvy0rb2mrrPYzzjqLgdSry4QAbCQyznbkg6LULUJGz6wcc99PQvBSC6BAUUuLmP%2FieeDrxulLpSLm5hzcgFK2r2IsMHKMAroANP2fGaWYyIywQNdZbLulPkKPvTa0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d9a8fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 359A 43 B
704 B 148ms
95ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2023 13:22:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 359A 74 KB
74 KB 46ms
30ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1272080
cf-polished: origSize=115129, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75430
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYQ31IF6Hs9L12XIGEEd2tvbGkjK9wayPHJMxpSkc44ktMlPAS3rjdGZ65YXZ1BJORENotLM7VtmN7sIK0Ti56uqTFW2DIx0tZsFRTpk2wxY%2BZh0FQUXCXXqARILvqpkP464BmoHT3ufrxvk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d998fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H2 200 C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
assets.ad4m.at/ Frame 359A 21 KB
22 KB 47ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/C214519790640C056F434D8DDB50BCB07F64B125E2E4D5026778482090BA9FC45C4658AF375179106A92B6C2DD36789FCD39BC1923957D0DCD063E017A893CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22058
cf-polished: qual=85, origFmt=jpeg, origSize=50645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21720
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 May 2023 07:15:13 GMT
server: cloudflare
etag: "c73080cea7b29464f4dd0b5558645ab6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixbp0kmuJvHWKz4tXqI3%2B0hH9jBnsH7dhtj5cWRzfIxHAQVubIgA%2Foog2jer5PZR%2BrBKAOmCMjFgzRehC34YyvJSjTQBuZZWHS27suNXH0upY%2FMYrgtWI%2FJDbQ7GSnpe37JwF53bnKOcYj1k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d9c8fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 359A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ-Eq8L3-f4CFRPkuwgdfn8NoQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite...

49 B
1 KB

91ms
25ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 13:22:58 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Tue, 16 May 2023 13:22:58 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 359A 44 KB
44 KB 42ms
29ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 91854
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjJYabLr82j6tvZBTaIUi1Vhd0gZYy3A92DYIkXIuTqwU%2FTcCFDRkurw3jrNRZYoqqCCJRqpinEmNCx7gw8YrdHmkoaEDS3eYhuF1Jb%2Fc7OKLNheResMC4ORFo9DYf%2FyAJyniD7TvPYlxvQF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d988fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 359A 222 KB
222 KB 31ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 299878
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FBJti4HP9I9aAYuUBI0wkVQDHTmzB8l0XCRYyFtLmMEXSXfAfNQOC9e0Ex0PHUSf5mWCfh8CNG2ifolYZXcNOfFD7mGbgI%2BhG1BLTPnNbHxcrmfxPZmM%2FzfnH1JhN1I1SM4V02Zd59RMUiD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c83eebb6d968fe0-FRA
expires: Wed, 17 May 2023 13:22:58 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 359A
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1684243378_c6780821-f3ec-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

0
475 B

69ms
35ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1684243378_c6780821-f3ec-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:58 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7c83eebcaaa23735-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 16 May 2023 13:22:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1684243378_c6780821-f3ec-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2779 0
0 123ms
121ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=1296405106341079&bg=!ZWalZjLNAAYldGN0BXQ7ADkAdvg8WlwKvzsUrBOZKHOaOIcHF1iyxMb-3_HvS1ULysr9fJGNb67STDdPzTKhqUjz9t_gntaPZ-sCAAAAW1IAAAAEaAEHCgB-aDIIz1oxPTceXWKzy7gDURdx8YNsP-wDtc932lDNyQ224EX4WV4jXVj2I9vNOu57UYxdhb_nvH5oVj2SmmnJzftscYCg3b98Wr4kVJgb4uIbLb5aZYkTccoSVQF0ZNbPdh5w_Jc6lei8gOgE5I0UixgS2P4iUAm97GvbwAqfmQLB94-k3Qmu-n0Q9Eo9Dpj06K7kzDxMjsutgWi_Om6Z8WWA_hp3OaBdm9K8is02BNbzFdj7zWiZn8xMBWLt63YJmebMWx1CBGr5B8v-PK8V8RpZEx4NClfh8dB3E-F5iGS48nrPb29KPiy8RpvofHDZ5nkzcCr-LfctemBN5RulDt0B8NG9wJgKZzJ_gWdNwyZyJI0O85SbPmsa574reP0-Dms7NWJdcKKgxL3TPxCgCUtHwUkubq6f0kp6PwbTLF-3xspJsRsrOzmYVA3j0Gz2_ADEgfvqHCUroaoawV6c4iZtn4gu46cA2TjP1CmAyme6PuRMeCHqevS7m0QXNwgK0f5L4aU5hVfQLK2cH5UNDQGUselGbREmJtzqCsCS4FLKDMD9ZC1N9QxCrjrkuqUuUnFaXM8f6A0Zk6GFOJWAdZLdrqWk4o4gJ_NmbbEm3oXagHu5n3rPg9wnyn-3kNpONs8od8Fhj-chVqGTl8t7EZq2GuatHFDINR1jDlpTSYf1VqaaKw4H_TpFW0J8t94eSfYMhhY32tGFTZiH1ms6Enep98IoRH6PkortQCmEqO-5YTXszX5wWMLAPvrF_tweQ00FziNhrB4ShYEPV698A7xJoEx8dpHeYIKa7xiKVTL8AmAO2x6JzkuKVR1ceyPC25Qa_-HAEeaBFicpOab-q4g0YHI8DfWUSp2DVgcRTgPXHw7zHWgLR8ql0--6OEd3wUD752BDRraTXpKYDxE93NWSolCm-wx4ldEV8XmMECaeHFwmVnG3ND4WaEr312MrmZJOGwQjTNooApCFhxOoU74dCnuL0oCct6G84UHJTrPzp5Vof_5mYWm6WFrOxIzUmA3pOwrdSqIPXDlXxbH8HUE3MhgcwekpNiviXBB7emGvluwv6eRHRXy5PJqZU0PkLIDCQh4VagboVDDufv2dJs5f
Requested by: Host: tw.412lala.com
URL: https://tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame D997 0
268 B 242ms
242ms Script
text/plain 54.249.242.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.242.97 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-242-97.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 May 2023 13:22:59 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 60ms
60ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8114aa769e3d2c3670050a88e5acfde1a0b60fc893528e4926129a5fdb4b32a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11010
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 13:22:59 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EC8 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:12:32 GMT
expires: Wed, 15 May 2024 13:12:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A80 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3aad17a066b3fb59e269b915b84c2b8b3cfa0650da6d81b4193d731ea80f914

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1lYxav1kb2lCFn0M76bYFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.412lala.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1lYxav1kb2lCFn0M76bYFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 13:22:59 GMT
expires: Tue, 16 May 2023 13:22:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EC8 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 10:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 May 2024 10:27:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A80 0
0 109ms
108ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=3434753503888632&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5EC8 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vA2TTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 13:22:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 113ms
113ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=3434753503888632&bg=!gIOlg9fNAAYldGN0BXQ7ADkAdvg8WkSM9tXPI0AK7z43OggGxzCGV_BHNWYvJqxC3m60CfzIRWap0lwReAu3vsCeJbm58Y2LKxECAAAAP1IAAAAFaAEHmQKU5IbzMiSgA_sJmZ6ZzO2QvBEBYjiO7pfxXRvm0dnFjLK5u8iKUF_3Uko5pQgDBCz1PCqfgPfdrCNGjzXPex0bFfsWtvLvr53A5143L1sPKGnDlqXesFk545bENrQSkuZ11bLwmxSryayK-TxTx4JiPJDMRSptvNbMTGv7cj5IRtKD5GS-zCkBJ3GOz_1Fe1-IxdIsjtZClnkrJqz_GepfxiUpfs0FjJZMquaeGdn9tXD4Fu1hBAQqNwuTAbZWqwciW6YDJzIUuSqDq0Xt5dlZertf61P9xULf4SsgHKFcCkrg4IrpkqLO6H0G8MVoKHi50h5KgP3nTFst69XSLJ7lQAHgbYsf1URAch0B7Y34kDc7BfqvSe0U-MTFugIZMBCeT5hQ9p73wzqH6a2y5K0vLHXEfLSKwEXOcF-l4hpuXzbpkfd0FQkxKsuT2ZwsBNQpyoV17EmbMTGxVIRu0VVUk_ss4cKpJnTRc28qYe6XgTgJ3l1NY4_hgoNxKZ0Cd-HB77B4i9Iu_gtR1yj8Kt1jM7qOIzXVrHT37nrizbFiLDLN1TDAiviQFP5QqptloKRr2yRbL_wNIkBuR8ce9nl06boUv2y4W6BNlBwisLVOlSy6N_diPabUB1HrUlg2C--VKm0nuclphbXOip0Lp8efjU1z9Ms2WKNv50gVK7-8H3-uj4HuecRpuICPxhwI6RhlAipf_haSQckgDhSqalrDhVREziNGBCieHErmFFnibiJNhS2DpdIdPgNd9x9rvrrI74K4L2DtpZq7bhDqdXUwOR1X3_1iH_y3V2FdeW_pnBSMHk3k6KI6qbMvsGGLu4AJ8gCa3QhbWCTdpuBTS8IUHiDt6xIYzDa8afhSKvuJjjSioRO6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tw.412lala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.412lala.com/	1970-01-20 21:12:19	Name: __gads Value: ID=4dc6cb054e4f83e9-2296f274d6dd0098:T=1684243377:RT=1684243377:S=ALNI_MbGegCumDTytYPdOTn4umGI7XOGew
.412lala.com/	1970-01-20 21:12:19	Name: __gpi Value: UID=00000c16e70d1264:T=1684243377:RT=1684243377:S=ALNI_MZWFOUVlsbxIJzsmtc6LQA5B39psA
tw.412lala.com/	1970-01-20 11:51:04	Name: xxxsskguid3633 Value: a58d565f-b259-620a-bf56-2bf03596da65
tw.412lala.com/	1970-01-20 11:51:04	Name: lastlocation3633 Value: https%3A//tw.412lala.com/doc_UWJRcXJscWZkVVBlKzVvTWN5dFY2UT09
.dable.io/	1970-01-20 12:08:38	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 12:08:38	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 12:08:38	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 12:08:38	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 12:08:38	Name: _kko_ck_match Value: 1
.tw.412lala.com/	1970-01-20 21:26:43	Name: dable_uid Value: 00000000.0000000000000
.tw.412lala.com/	1970-01-20 12:33:55	Name: _im_vid Value: 01H0JBMVSTRMF23RN2A76R5WBA
.doubleclick.net/	1970-01-20 21:12:19	Name: IDE Value: AHWqTUkQcE3a2R-9NcVrUWLUQNuhM9-FNw94WZhD4VtkjRu3j8Ui0eDGzhpuTWngKRc
.quantserve.com/	1970-01-20 14:00:19	Name: d Value: EDEBCQGAKYEA
.quantserve.com/	1970-01-20 21:20:57	Name: mc Value: 646383b2-2dd7d-fc5e4-e1ef0
.ctnsnet.com/	1970-01-20 20:36:19	Name: cid_0cd2618b38ec41c282ef215981e9bf6a Value: 1
.ctnsnet.com/	1970-01-20 20:36:19	Name: gid_CAESEFwwPN91fF6flZgr39vaM_4 Value: 1
.yahoo.com/	1970-01-20 20:36:40	Name: A3 Value: d=AQABBLKDY2QCEKLC6gkxWGMu9HIfYYwM0IoFEgEBAQHVZGRtZOAKyiMA_eMAAA&S=AQAAAvsaE7CRw75sghjG7_Fnbfw
.casalemedia.com/	1970-01-20 20:36:19	Name: CMID Value: ZGODsjlTZ7z9KudqJTO84wAA
.casalemedia.com/	1970-01-20 14:00:19	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 14:00:19	Name: CMPRO Value: 3239
.analytics.yahoo.com/	1970-01-20 20:36:19	Name: IDSYNC Value: 18yx~2bod
.awin1.com/	1970-01-20 11:53:36	Name: awpv20044 Value: 412871\|1684243378\|c6712a52-f3ec-11ed-bcf6-22336c0ce064
.awin1.com/	1970-01-20 11:55:02	Name: awpv11354 Value: 412871\|1684243378\|c6780821-f3ec-11ed-b339-2265b7c46fb7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 11:55:02	Name: HTLP_timestamp Value: 1684243378681
www.conrad.de/	1970-01-20 11:55:02	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 11:50:45	Name: __cf_bm Value: rg_y87esXoHTUPaSl93rtf8LYEYTM59bEjsFJyDtdzQ-1684243378-0-ASN5+OQaHqHpXp4iCY8MmMAiwBl8I2vN7UP6U2MAIOeRBAnJhtH8jlDkpsZ+uxHiJnOB7T28YfyQJtXFwyRmzak=
.turn.com/	1970-01-20 16:09:55	Name: uid Value: 7785249187883881570
.o2online.de/	1970-01-20 12:00:48	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDI0MzM3OHZsZWExZGUyMDIzMDUxNjE1MjI1ODg0OTgzMTE1Nzk5WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRlazhhM2ZWZmticmFqSFpIZXQxdDQ0NUh3U1FUS0tNc0p4RUdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/	1970-01-20 12:00:48	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 12:00:48	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023051615225884983115799X117679V1226132702MSviewoneidek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEGoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDI0MzM3OHZsZWExZGUyMDIzMDUxNjE1MjI1ODg0OTgzMTE1Nzk5WDExNzY3OVYxMjI2MTMyNzAyT

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1k0wb441afw0xradz293tawvj58f0ghjvx39qey94exnhayvkj8pmbth0mesgrdaetp51kd06t57dswfd65yxhyga33w3yc3emy1cd2enckz8a7y5fp2gr5dz7bms2a30baf2ecb86egnwzwj69bbaq98g5sjkaxch54395cfhwgyad4s86yapgjyrb7n3b1phb3tfapdfk09fm5xpvh58gvy7k5spkq80qwpm4999g5xtx1nz39fjhrh56yr60qs8wqhnt06sggbea3n3d5dm67gw5kh2n9zgzcen4kq2x0n1sh3bwgycsebbp6k3nsjxxhh1trx0mx6g56heqw9wbm8pk85db51m9d1ykf88zrks4dc2krat2879ecvrqcb2f8xntgeemxm5bzqmnxjsq2zxwcebbcagfpfbzgxpzk9sexrh1q58kec60zfcc02fg1m2733r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%26client%3Dca-pub-8798765870329885%26adurl%3D Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=117569%2C19877%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cek8a3fVfkbrajHZHet1t445HwSQTKKMsJxEG%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CD13t3fwfApGU3HmH9twCZZJSxSmTYYQSZMQg%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=250&e=&g=4285a8e77649152c367b112482845bb2%2F3115778471535114004&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684243378382&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ht5nrqmph1yydc06m82aprkhg7319s0v1k8g7j7gakhk21sd4s83wm30x30znvz1y02bem293xvptwtgprergkg6a9b26mt3chxwegvxzvgrwp3krphtb5q33zmmyqc5gwh87nqtx2yv1nd1aq45ae4yy0zvvmya73eprg9p4heg5167aczbatae86svtrt70v974th70gje8kwrd89drb297qasy1gs9snr6mmtgevqtt1gkbv2b6n00qy4jga06vzn6vjdzbxa0dn9s72q6em%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCr-elsYNjZKSJNq-N7_UP3YiF0AWQ4YGEXLaoworwAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi04Nzk4NzY1ODcwMzI5ODg1yAEJqQK4Sb-1M2eyPuACAKgDAaoEpQJP0BZo3mxWyC7IUDyy0ebFZVWe4lYRKFWBaBX6F1N4uB16hOp_YrYw5JvAw9QM1PTg3iaM9bTUSUCeQwe5Zu7kaW-SiJwJjNZzOS2uZhnhyjG4HaJkno81JvHzy_mf89NRC4aE7GuXxmpL9SeSKoIsisKyc1zpqISWr_woruEJM7TRBomqLyOnpP_l97BcdGcZyrqec8Npt93aZZZ2G2LsHPhBrI7xm6QbgjDfb3FMgJ4DkVE0eQGO6VXib0-0-FGuBSKucwQSZF7VBmasPMxW0KPhrAiXezZhONlA9-I50f-f9mi3SFhqQvRfRsJLus4NA4qhxYe6W-BjPGImv55JhD3JBiMyPRLIPsP5QIFW_02lLre8EMlsjQhpCKCBMzrM0hxvOOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1B-98ElULKZS1IaN2OD_N2K8vm4w%2526client%253Dca-pub-8798765870329885%2526adurl%253D&y=1&s=&z=0 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

209a12322e4293f7b4e4064aba4f6f6c.safeframe.googlesyndication.com
ad.doubleclick.net
ad.sitemaji.com
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.dable.io
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
count.412lala.com
count.xxxssk.com
dis.criteo.com
dmp.im-apps.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
l.logly.co.jp
mmbiz.qpic.cn
nt.compass-fit.jp
p3-sign.toutiaoimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
popup.412lala.com
prod-rtb.ad4mat.net
r.turn.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.dable.io
store.412lala.com
sync.logly.co.jp
tpc.googlesyndication.com
tw.412lala.com
twstat.412lala.com
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
104.102.45.165
119.28.16.172
119.28.164.221
142.250.185.130
142.250.185.230
163.181.56.172
167.233.13.224
178.250.1.9
185.80.39.216
185.86.139.102
2600:1901:0:76b9::
2600:1901:0:e207::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3036::6815:30ab
2606:4700::6811:180e
2606:4700::6812:7f05
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:480:25::1726:620a
3.114.156.25
3.35.88.48
3.75.62.37
35.186.193.173
35.186.215.140
46.228.164.11
54.249.242.97
65.9.95.15
84.200.5.215
95.100.64.43
0440cace71784e2f7c91f05cbdc512a3a999b7726a4f76b057ec0c1ea975fa64
0519de0fe535695ef7c7f4c43bb6db55065b96f13aff2c6308a83e1270189fc6
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdcfede78c5e49c27aea1dd28c8d4385b38c2e655f4559b37d8add483284037
0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7
0fb02e7172e176e1c5f7c3dc2d3f833306722c39b54c04a37486405518ce61cb
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d701ba92ebdc858c2ae3e61169775bf866289ff1f16c73fdc38103b4959dfd5
1d7de11123db1b414226bcf2104dd5e93d15e41c1e4dad060ed5d7f9e0bd4c59
2355ddc8bc242f7c7f160c3c6d29285fbcb3ff81a4450dfc19d62f413d204757
243b5023074477a6410ea68994d4c5c4090300de8967dee3b15a0c0482962899
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28bf0ac8f80ce5e05e72967a988a62fa2054635bcdcc87f785e497c7cdaccd60
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34c497ed9c2dc600dfb20003d3d9b9d70d85897eb678bdadff1c849f4d7d0dd5
405d2f4ef4bbbad3c4b1d4a988c0956eb3eaf28ef2a15e28e95ece2387605e47
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
457425bf82dff89eacfdff50698cc0151d956e95bfcbced37de2f908317e9676
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f672d0cc18b0b22be14db190dc796919838a0507baff1e46a5390f0b8584488
54525f5cdb74371043d93732ea74a770b957142ca8b3f877039cb23afe75751a
549a9331d524da3834460f2b710a5898763cfe9027fb3020846815693503a119
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfeb4337290e6235a15bd50843785ea883b1a91888e439d86453c4b5507c71
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
70a4b3c161d768b4f6f74eccd7b6149c684dfeaf056042b640d513c62ac2edf9
7bbcdcf7e00808771a3383138c715a133bf1628e227f4f9218cb6f4f7d6b6911
8114aa769e3d2c3670050a88e5acfde1a0b60fc893528e4926129a5fdb4b32a1
84abd4e542eeccba1e7b2bc9a27d137185c0a394bb4599b534c32e6ed4ca5b1b
855597b0640cdb47661056d772752276d02d334a7d0565d9d4805e251a5696c0
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8c9432e6b6859fd4666fd102996c66906b327696e889fadb3e56a3c47ac913ae
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96b7d26d78654c2fca6926443b38192a298f0cae7a2f3963322e3c405fef14f3
98ac3e2ffd4d9ca5d1061fea861a0f56b7ab231b62decc816e39334fe05593a1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9b60eb06cae29888355f4eaa0e763d968a84bd7b97aa3af1dda4898afc87fee6
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a32c9ce3e306d639c25da81aa1278a5e047b8f67b02926f469c7581b3d6e21a8
a3434def557a755588f2ed233f461e4a01498887a0385000d13f07f55318eb85
a3aad17a066b3fb59e269b915b84c2b8b3cfa0650da6d81b4193d731ea80f914
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d4b6e41bf03ebf0991f95f1676fdb5a7d06373eadaa52c9e3e6cbaa3e827cb
a81767977865f2d3d635f29a3f3f2dd0479dcd756cdbec7c65c65ad7b588b31a
ab4d43923b7a9bc9ccecee3de6f26dbaa5e51a0f80ea9b27e48bc79e6be254c3
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b11c8818b72b697e38441048d3de17b2c8a7a1947c5235bd2831bf5d6f565c01
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b34769a864eca705c0941f3ce23fc92c552ac8c8e4b076714b773c848bbf5344
b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c
b5aa7b4379fc582a3a66656f3a4ab51617abd11edce8efa13c629ae457931c6f
b6051f7c61b88ac61b1e92d8c8e649ccc98de87446475bca7358d4172b8a6a92
b83654d665893a28a65ed6b06761d83ab5161d793e9aff3426a64aac5255312d
bb1ccc3d9c9ae963f8cb4b4de5a2287ec40168beb3bb2849bf56f3f86d812931
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bda9ab3bd0d301eba15650a51bba166b3a7dcd9fe85ace36c14ea1ddce9a07e0
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c1aa9165dc198b22913d95d9bd22c178bd53484e37714696dd3f4ed288b87663
c3946a249ab0dc1e75b6b3f3a5f2c4673f64754f497836eee734493fb97a7e8d
cb81eaa4f9bea65dde2ec8f2537d2dc419628bbb610a15c4ca04d9bb235e2e37
cc0966d59e45b252a9669f8107bbc6c646b34d5114e4d4f62e8291ab6feca73f
ccf4cca32dff33d86303ed9be7ee4d736f7737cf17fa3c14cf2ce5e2ec121c83
d62284cf97f146ba6f6b3b72e0a304a6ea6b8d61f93991e251ff8aaca6b948f0
d6fddbe28d96c520b1c49d62ee24f786fd8926de121119af33f96fe61c45a7c0
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
e24d1abdb4f0d7cd7c359dcd439c3ade4030701c19a2acb21f8a2acf6292d38d
e28b24c75c23f579daeb34aff12cf091e2f10ba159174f1847116f443fe90955
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
efa508afba0a7bc4e5328f693865d12664e98b4997138d040404a9bbdc251d39
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f5287e2fc72b89099c4503330a40c72419a7dc127c1765452b83d0738a82c2f5
fb22d5989483514639bcb64e60ff3c0dfd2aa1beabcab42b7a81ee15e4e162f2
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

tw.412lala.com Open in urlscan Pro 2606:4700:3036::6815:30ab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

92 %HTTPS

49 %IPv6

31 Domains

48 Subdomains

35 IPs

8 Countries

2599 kBTransfer

4048 kBSize

31 Cookies

0 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tw.412lala.com Open in urlscan Pro
2606:4700:3036::6815:30ab Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

92 %
HTTPS

49 %
IPv6

31
Domains

48
Subdomains

35
IPs

8
Countries

2599 kB
Transfer

4048 kB
Size

31
Cookies

116 HTTP transactions
2 data transactions