m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://letter.postlinkhk.com/v1/Delivery/link?uuid=mail_64868c13dda1c9.88514349&href=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn
Effective URL:
https://m.xuite.net/photo/giftcn
Submission: On June 12 via manual (June 12th 2023, 3:37:57 am UTC) from IN — Scanned from DE

Summary HTTP 130 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 8 countries across 23 domains to perform 130 HTTP transactions. The main IP is 2001:b000:1c9:7600:0:a:d23d:3827, located in Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is m.xuite.net. The Cisco Umbrella rank of the primary domain is 905614.
TLS certificate: Issued by on May 2nd 2023. Valid for: a year.

This is the only time m.xuite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	202.181.141.186 202.181.141.186	7540 (HKCIX-AS-...) (HKCIX-AS-AP HongKong Commercial Internet Exchange)
15	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3827	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:382a	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1 3	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3831	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3822	3462 (HINET Dat...) (HINET Data Communication Business Group)
11	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3818	3462 (HINET Dat...) (HINET Data Communication Business Group)
24	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:8c00:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.252.159.132 34.252.159.132	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	99.84.88.112 99.84.88.112	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4003:c1c::78	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	172.104.109.101 172.104.109.101	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	104.199.210.210 104.199.210.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:206... 2600:9000:206f:7200:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.194.212.25 35.194.212.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.199.245.202 104.199.245.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
130	36

1 202.181.141.186 (Hong Kong) 1 redirects

ASN7540 (HKCIX-AS-AP HongKong Commercial Internet Exchange, HK)

letter.postlinkhk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2001:b000:1c9:7600:0:a:d23d:3827 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

m.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:b000:1c9:7600:0:a:d23d:382a (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

img.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatar.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:b000:1c9:7600:0:a:d23d:3831 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:b000:1c9:7600:0:a:d23d:3822 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2001:b000:1c9:7600:0:a:d23d:3818 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

4.share.photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:8c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.159.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-159-132.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.84.88.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-112.muc50.r.cloudfront.net

content.ad2iction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4003:c1c::78 (Tulsa, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.109.101 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1719-101.members.linode.com

ads.ad2iction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.210.210 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7200:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.245.202 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	xuite.net 2 redirects m.xuite.net — Cisco Umbrella Rank: 905614 img.xuite.net — Cisco Umbrella Rank: 808182 xuite.net — Cisco Umbrella Rank: 267191 photo.xuite.net — Cisco Umbrella Rank: 596530 avatar.xuite.net 4.share.photo.xuite.net	726 KB
25	googlesyndication.com 77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com — Cisco Umbrella Rank: 154 84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com	122 KB
24	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	647 KB
7	ad2iction.com content.ad2iction.com — Cisco Umbrella Rank: 277899 ads.ad2iction.com — Cisco Umbrella Rank: 437158	83 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3	3 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	269 KB
4	vm5apis.com vawpro.vm5apis.com — Cisco Umbrella Rank: 343248 man.vm5apis.com — Cisco Umbrella Rank: 434864 pt0.vm5apis.com — Cisco Umbrella Rank: 439488 match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 336232	22 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1359 google-bidout-d.openx.net — Cisco Umbrella Rank: 1367	676 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 157	600 B
2	gstatic.com csi.gstatic.com	288 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1513	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 785 id5-sync.com — Cisco Umbrella Rank: 427	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1009 bcp.crwdcntrl.net — Cisco Umbrella Rank: 948	12 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 123945	14 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 377	22 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1497	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1424	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1396	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 768	25 KB
1	postlinkhk.com 1 redirects letter.postlinkhk.com	283 B
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
130	23

	Domain	Requested by
24	securepubads.g.doubleclick.net	m.xuite.net securepubads.g.doubleclick.net www.googletagservices.com
15	m.xuite.net	m.xuite.net
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.xuite.net
11	4.share.photo.xuite.net	m.xuite.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.xuite.net
6	www.googletagservices.com	securepubads.g.doubleclick.net m.xuite.net
5	content.ad2iction.com	m.xuite.net securepubads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	img.xuite.net	m.xuite.net
3	www.google.com	tpc.googlesyndication.com
3	xuite.net	1 redirects m.xuite.net
2	ads.ad2iction.com	content.ad2iction.com
2	sb.scorecardresearch.com	m.xuite.net
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects m.xuite.net
2	ad.sitemaji.com	m.xuite.net ad.sitemaji.com
2	cdn.jsdelivr.net	m.xuite.net securepubads.g.doubleclick.net
1	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
1	pt0.vm5apis.com	securepubads.g.doubleclick.net
1	man.vm5apis.com	m.xuite.net
1	vawpro.vm5apis.com	m.xuite.net
1	e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	m.xuite.net
1	e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	avatar.xuite.net	m.xuite.net
1	photo.xuite.net	1 redirects
1	code.jquery.com	m.xuite.net
1	letter.postlinkhk.com	1 redirects
0	d31qbv1cthcecs.cloudfront.net Failed	m.xuite.net
130	42

This site contains links to these domains. Also see Links.

Domain
xuite.net
line.naver.jp
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.xuite.net	`2023-05-02` - `2024-05-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.share.photo.xuite.net	`2023-04-12` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.ad2iction.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-19` - `2023-07-13`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-11-29`	a year	crt.sh
man.vm5apis.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-11`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://m.xuite.net/photo/giftcn
Frame ID: 42463AEF552D15BB67B0A0FBF876F115
Requests: 63 HTTP requests in this frame

Frame: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
Frame ID: AFEDFDD6865116AF7226B158BD90E3A4
Requests: 1 HTTP requests in this frame

Frame: https://77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B01A8F56C82589EF6E4C58DA9266577C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ6NAT3uRf8X1_Q_LPseJNJH5oIWSgPzI4Iv_i8dfYRwXPScZB6nOma_aUstUEWnLHml6aOnhJ1uemgEbIISGd6Pi6E0Impz197zlDMsw55EoB-EI5CsMButGY8mY6QVeN9eK3JzYf2gRwPWBeE21JfDqbpvEqCtCObEdnFEKfcqbj04c3IQUUtv1X-q0smKRkjFDTM7ROId6EYl77dfMYEXT9YnDT-r59xrogccwPE1x-89w_2bdpIv8PJpi6wUwlw0kEUFgCFQG31UIqloHwmOEpUdNVvZFAuE4KR49yb-MvQ9-jfvVlTNTMbcNxIoDYlVHqBag&sai=AMfl-YQ_QZ0SzFgPfZvy3BcfCT-Wi98IrgmNkESRMxJECVdQt3BwF2xNHTmmbsHPZ6XGopX0ox4iqgRpHa7W3sAnBWmQ63BhVsySsKzp4R1ZhiHHbD1QqRJkAODZ-BykRnQe3lBV4UILcUMpJoKQiozS&sig=Cg0ArKJSzELl3Hd59YTbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1A41CE05F1556A12349253973607F8EA
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=m.xuite.net
Frame ID: 52A761499FCCA2AC9DFFF0E564E494B0
Requests: 2 HTTP requests in this frame

Frame: https://e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8655DAF3B6499FFA92737B5DE37F9001
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0sjNu9pjoxOCjp8VW4kXCEcs5TA-ON3BqaQLxk41XN1ShJYjx_QBEHAm-rkHXla7weAMIEM3sUEj-cVj4L_YXjgsgahT5UQckZkshxh0hT1Yf2TNK_XuSuDnyMCFgp_GSZa5V67TpeRjmAOSQHizSJbcVHVGCLd-olrvLk_cDtE9CTYwXca6uEJSw4xow0-7VppBmIqTPMNhu1DVRBbqDNyawygYGRhBgSwq2JdUazoCBOKVahGSGUVIcqOmzX4tkncuEsh9NNi-XrkrRbh3Vqolm_xNl9xTfAr3Y96fXKr1-c6SXL5ae_Mxw-2WWYw-MxEo42otV&sai=AMfl-YRehaMC_ocbcb4Vky4IYAElISk6NOevOaTDFAwGhqpvzK9JcQbhK0qaf-Vf444tOVcQazubQBTuOHPeEF_PyrZIwqvB4yasWDMjLAigANTfjP3mlBVxinX5xXS19PM&sig=Cg0ArKJSzJxzuBjE7RW6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 72C23F6AF9A9106D0AD9CA71D102F726
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E2CD438CCD41E236DC1DB998A920E875
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D22E650EF383B097D48D5DBFEBDB810
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB0B0A8D36DD6E7CD5D80C24A289A399
Requests: 2 HTTP requests in this frame

Frame: https://84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 4A4A92F5E5033F4E5C3F87C310BC4A18
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN7y7TlWaW2FLhwXRDlCqxPdM6HUZtABTROpoNI3tVS7F7JooP4iuNcPGUPYakxJmir1eAXO2_D4mJkNqZQRNNnxNRCzO9zYd0GFP2a2qvig6c-ADllYmGDC3BfS2B-HMlDbNdhhTgkrKdiFZnMtTQZUiUkWvwUwu_naMmy_xele9mte7MXyYJrlyOGlAesyR_GckkJsZgmrgFC9IZC6Kia7Am467fQCQAioG1uBPZ8c8T0jKctXgxpZqFExJ-_5p8h6NNKTdNcCuOCrx2hsgfTgOR3nlvGbb9aARAndbeHQlrO125AcWXnAtUwaTEyksryEqD_Jwr&sai=AMfl-YR5lWcUk3z2JOcUbeED_wekqCbIQANs4e1YWsU82mEg_EKJRHgAnAe61vuklEgPsQmcy5j6lO32QMSS4lUK3Ampg-2iHvKfHaBIV4zsz0XNC8DwJzQKXeGGEzjB2zs&sig=Cg0ArKJSzAIMh95WiPL0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C5990607ED3B4D1809819D41BAFA5A74
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A9EADAEF8901C679E618606B495CC14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F1E6220F1F0EC2BA010EF3729860E532
Requests: 2 HTTP requests in this frame

Frame: https://e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 17B01F9D57962F603F795704693BBCAE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrdo45_whraBi3tNug6elCV1SeR5nNDQ-pZNsJI2ISJlYnp3LjaEmEpSde5bPp5wHfNQ1OvAPV-_dXmKxuPTxaSchFBxz7Hc6z84PNfyOMFpaYipD9uYu4NybRq4w5IiNfALXEJGL8m5W6vDi6-DOC1hM6CYjTj2ZcJ1R7Eknu1E6rcKRTCMykBsQc8S_7HzuohySC_CuFtqArgaO2Tjila5QgHTi0LyRCN2iaIQT8odQS4UrjJkiupLt9Z1-trs4IyGE4V82sHvjbNMTtzu0P7gEePQF7AUgRVzLd109KBvJUu2G7hTFFun_Oponk60nvmRiQkn4T&sai=AMfl-YTShgJCh33vAQJlwwTab-6gVkuj21OHFxVFyi6RRNi9BCS4hGM3R4__fzMXlwnjBnqpMJcXTpxGRCpsAVArrtx2SczwXT65IH47QOTJ0S3wtcXTL0RaMTzaWNDa8qM&sig=Cg0ArKJSzCDonei2X_KCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 65BC4C96485088DA77996B958A47A4B2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BFC609A998D20102A7A83E407DB4D842
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C33D90B9375873DF0A7A42F66104BCC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

giftcn的相簿 @ 隨意窩 Xuite 相簿

Page URL History Show full URLs

http://letter.postlinkhk.com/v1/Delivery/link?uuid=mail_64868c13dda1c9.88514349&href=https%3A%2F%2Fm.xuit... HTTP 301
https://m.xuite.net/photo/giftcn Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

130
Requests

98 %
HTTPS

54 %
IPv6

23
Domains

42
Subdomains

36
IPs

8
Countries

1994 kB
Transfer

5288 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://line.naver.jp/R/msg/text/?%20%0D%0Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn%20%5BXuite%E9%9A%A8%E6%84%8F%E7%AA%A9%5D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?url=https%3Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://letter.postlinkhk.com/v1/Delivery/link?uuid=mail_64868c13dda1c9.88514349&href=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn HTTP 301
https://m.xuite.net/photo/giftcn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://photo.xuite.net/@login?furl=/@ack HTTP 302
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336 HTTP 302
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Request Chain 53

https://oajs.openx.net/esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp&cc=1

Request Chain 65

https://gum.criteo.com/sid/json?origin=publishertagids&domain=xuite.net&sn=ChromeSyncframe&so=0&topUrl=m.xuite.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5CZbm3xQTXdFOVZXRFFhTUFjR1dxcHZYT040Z3k0NEo4bHZNeWg2K3JJdC9vRS94Z2JMc0l3bmo1MWVpOXNXTDhBcit2clZpaUpxRzRMRTBlbmRpMVVqcDBteml5cnNOWE01Q1JScngreFg0VGdtdndCQWtOTFlvWnBGWDZxbFg3TlRldncvN2luRW5vUDJ6SUp2amVGMEIrbTVINi95a2Vma080QmxKSlE4bW5KNS9XZHkwblFHSkl0ODRURjhMQmZMTStMRmljN3VucVVmZThmVU1yZjNac0ZzYUZLNE1haWhZSXRxVFhkc1gxK1JtdHhvYlBCM0JSZ2wyUDBIemZvQjNpTURoYlVKQzN2bTJiWTBSbW1hUUpJdz09fA&cppv=2

130 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request giftcn Show response
m.xuite.net/photo/
Redirect Chain

http://letter.postlinkhk.com/v1/Delivery/link?uuid=mail_64868c13dda1c9.88514349&href=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn
https://m.xuite.net/photo/giftcn

24 KB
11 KB

1897ms
720ms

Document
text/html

2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

95f5b216a5060ef195de4c0e420b84f7fc7389b1829fe2ba7624c61e595d55d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Mon, 12 Jun 2023 03:37:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: m-01
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 12 Jun 2023 03:37:18 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
location: https://m.xuite.net/photo/giftcn

GET
H2 200 jquery.mobile-1.4.5.min.css
code.jquery.com/mobile/1.4.5/ 203 KB
25 KB 137ms
43ms Stylesheet
text/css 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-32a69"
vary: Accept-Encoding
x-hw: 1686541042.dop217.fr8.t,1686541042.cds249.fr8.hn,1686541042.cds052.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24849

GET
H/1.1 200
OK custom.css
img.xuite.net/_v_2.2021.02.24/_css/my/ 508 B
706 B 2242ms
319ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_css/my/custom.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 08:30:05 GMT
Server: Lighttpd
Host: img-02
ETag: W/"613b178d-1fc"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 11 Jun 2024 03:37:24 GMT

GET
H/1.1 200
OK idledialog.css
img.xuite.net/_v_2.2021.02.24/_css/xui/ 3 KB
1 KB 2451ms
313ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_css/xui/idledialog.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 11d575c2cf05f9d0b10907559c4ab8df9254d2f23bde2b24fedcc611779394b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jun 2022 07:27:56 GMT
Server: Lighttpd
Host: img-02
ETag: W/"62ac2cfc-ad1"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 11 Jun 2024 03:37:24 GMT

GET
H/1.1 200
OK fontawesome-all.min.css
m.xuite.net/css/V2/ 34 KB
9 KB 318ms
316ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/fontawesome-all.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-87ae"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:22 GMT

GET
H/1.1 200
OK bootstrap-front.css
m.xuite.net/css/V2/ 150 KB
33 KB 634ms
632ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/bootstrap-front.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-04
ETag: W/"613edceb-257d2"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:22 GMT

GET
H/1.1 200
OK sal.css
m.xuite.net/css/V2/ 7 KB
2 KB 633ms
314ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/sal.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-1d78"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:22 GMT

GET
H/1.1 200
OK swiper.min.css
m.xuite.net/css/V2/ 13 KB
5 KB 948ms
314ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/swiper.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-3563"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:23 GMT

GET
H/1.1 200
OK screen.css
m.xuite.net/css/V2/ 47 KB
9 KB 949ms
315ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/screen.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

4b92b6a210a1c4ca08d3703f2956e8bdd64531d11e4d4fdc2408f709d46224d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 02:18:50 GMT
Server: Apache
Host: m-01
ETag: W/"61b6ad8a-bd16"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:23 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 119 KB
21 KB 135ms
42ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Jun 2023 03:37:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4765566
x-jsd-version: 3.4.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21308
x-served-by: cache-fra-eddf8230137-FRA
x-jsd-version-type: version
etag: W/"1da71-sJcv3M6C/Vg9TCzMPy4990BKGdA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK nftmywall.css
m.xuite.net/css/V2/ 4 KB
2 KB 949ms
314ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/nftmywall.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

82e489102b53928b74f6822a8be9f03c7c974e26096c55d4832c61b13baa7771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Jun 2022 03:39:59 GMT
Server: Apache
Host: m-03
ETag: W/"62ba780f-11c8"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:23 GMT

GET
H/1.1 200
OK nftinfo.css
m.xuite.net/css/V2/ 3 KB
2 KB 959ms
316ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/nftinfo.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

d9a711216bb3a73145b689a5455848b75413343208372f526d9b6d9e6bf324fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Jun 2022 03:39:59 GMT
Server: Apache
Host: m-03
ETag: W/"62ba780f-d68"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:23 GMT

GET
H/1.1 200
OK jquery.min.js Show response
m.xuite.net/js/V2/ 85 KB
35 KB 1280ms
631ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/jquery.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: W/"613edceb-15283"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:23 GMT

GET
H/1.1 200
OK swiper.min.js Show response
m.xuite.net/js/V2/ 136 KB
43 KB 632ms
632ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/swiper.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: W/"613edceb-21fb7"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:24 GMT

GET
H/1.1 200
OK search.png
xuite.net/include/reboot/images/ 2 KB
3 KB 1657ms
314ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xuite.net/include/reboot/images/search.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Apache /
Resource Hash: 04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:27 GMT
Last-Modified: Tue, 24 Mar 2020 04:30:01 GMT
Server: Apache
Host: www-02
ETag: "5e798cc9-970"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=3456000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2416
Expires: Sat, 22 Jul 2023 03:37:27 GMT

GET
H/1.1

200
OK

miniLogin.php
xuite.net/members/ Frame AFED
Redirect Chain

https://photo.xuite.net/@login?furl=/@ack
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessi...
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26se...

0
0

317ms
316ms

Document
text/html

2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Mon, 12 Jun 2023 03:37:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: www-02
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Mon, 12 Jun 2023 03:37:27 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: www-02
Location: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK logo-2.png
m.xuite.net/img/V2/ 4 KB
4 KB 315ms
314ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/V2/logo-2.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: "613edceb-f85"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3973
Expires: Wed, 12 Jul 2023 03:37:26 GMT

GET
H/1.1 200
OK icon-user.png
m.xuite.net/css/V2/img/ 1 KB
2 KB 318ms
316ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/icon-user.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 22 Nov 2021 07:23:02 GMT
Server: Apache
Host: m-03
ETag: "619b4556-53a"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1338
Expires: Wed, 12 Jul 2023 03:37:26 GMT

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H/1.1 200
OK s
avatar.xuite.net/244155584/ 7 KB
7 KB 1667ms
564ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatar.xuite.net/244155584/s?t=1686541042
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: ba2d99983779077cf8f28146ae97fc3681861dd8a20c22636bff07a2505f2398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:27 GMT
Last-Modified: Tue, 12 May 2015 05:00:17 +0000
Server: Lighttpd
Host: img-01
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Tue, 11 Jun 2024 03:37:27 GMT

GET
H/1.1 200
OK 1174271368_Q.jpg
4.share.photo.xuite.net/giftcn/1483d0a/20271490/ 8 KB
9 KB 3802ms
318ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d0a/20271490/1174271368_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

f125ac911d1ba7e0f09ac1f7490774eedb4fdf389d5ea40d2c2892c9021c90f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 27 Oct 2017 10:25:52 GMT
X-Share-file: 1174271368_Q.jpg
Host: photo-05
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 8437
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1098320598_Q.jpg
4.share.photo.xuite.net/giftcn/1483d47/19648625/ 7 KB
7 KB 4113ms
315ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d47/19648625/1098320598_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

27b581015428d488e994e4b19cbe263be0a07de9ca0348081ca2b3039aa1ddf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Wed, 16 Sep 2015 10:04:53 GMT
X-Share-file: 1098320598_Q.jpg
Host: photo-07
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 6732
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097171842_Q.jpg
4.share.photo.xuite.net/giftcn/1483d67/19640549/ 10 KB
10 KB 4113ms
316ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d67/19640549/1097171842_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

aedc8dde3943b71dc68535bc49e008bddd5013edc62003d4db6290e1455c8bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:41:36 GMT
X-Share-file: 1097171842_Q.jpg
Host: photo-04
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-02
Content-Length: 9876
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097168620_Q.jpg
4.share.photo.xuite.net/giftcn/1483dc8/19640540/ 11 KB
12 KB 4114ms
316ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483dc8/19640540/1097168620_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

41feb9d42dced3b79ae2f422974c19716d5b74f6c349197801a238fba15cd43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:37:16 GMT
X-Share-file: 1097168620_Q.jpg
Host: photo-03
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 11716
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097271643_Q.jpg
4.share.photo.xuite.net/giftcn/1483d34/19640537/ 10 KB
11 KB 4123ms
317ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d34/19640537/1097271643_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

971e05265ac733b8b680ceda40289532d70d3969ced9102074df951b8ca4d8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 23:44:45 GMT
X-Share-file: 1097271643_Q.jpg
Host: photo-05
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 10369
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097170260_Q.jpg
4.share.photo.xuite.net/giftcn/1483d27/19640531/ 17 KB
17 KB 4403ms
314ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d27/19640531/1097170260_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

9346c9fa1638e839d87b92dd3357e784b9a8519bcea507bc51df392a2b8e8ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:24:23 GMT
X-Share-file: 1097170260_Q.jpg
Host: photo-01
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 17342
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097091379_Q.jpg
4.share.photo.xuite.net/giftcn/1483deb/19639992/ 13 KB
14 KB 3769ms
315ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483deb/19639992/1097091379_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

ad453851d7d827829599ea086e5807e3ddb9e619bf07985800b4486ea5a2dc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 11:03:08 GMT
X-Share-file: 1097091379_Q.jpg
Host: photo-04
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 13533
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097091372_Q.jpg
4.share.photo.xuite.net/giftcn/1483de0/19639988/ 16 KB
16 KB 3766ms
314ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483de0/19639988/1097091372_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

f23da9dc04eeabf1c364f80876a42eed13a8e3798ee5645b905f548baf9e8e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 10:53:56 GMT
X-Share-file: 1097091372_Q.jpg
Host: photo-07
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 16081
X-Cacher: HIT from share-04

GET
H/1.1 200
OK 1097092346_Q.jpg
4.share.photo.xuite.net/giftcn/1483da6/19639980/ 15 KB
15 KB 3768ms
315ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483da6/19639980/1097092346_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

aba04cd4ec1f9aa3c9b0fc1067d2679357c451515ea586adeef0032206d9dd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 10:44:27 GMT
X-Share-file: 1097092346_Q.jpg
Host: photo-04
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 14959
X-Cacher: HIT from share-01

GET
H/1.1 200
OK 1095853701_Q.jpg
4.share.photo.xuite.net/giftcn/1483d07/19631746/ 18 KB
18 KB 3775ms
318ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d07/19631746/1095853701_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

e57bd5b5c4127dbdd50f12387075e7aabf8a78bfecf645696de0df4693b73007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 10:16:40 GMT
X-Share-file: 1095853701_Q.jpg
Host: photo-07
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-02
Content-Length: 18280
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1095851652_Q.jpg
4.share.photo.xuite.net/giftcn/1483de1/19530845/ 13 KB
14 KB 3770ms
316ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483de1/19530845/1095851652_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

26a08019e4ce5c38e2bc902f0fdca6acba1edb884cc9e1deba30ac97e3404eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Date: Mon, 12 Jun 2023 03:37:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 09:17:50 GMT
X-Share-file: 1095851652_Q.jpg
Host: photo-08
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 13626
X-Cacher: HIT from share-03

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 177ms
62ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcc43285ceff8137bef3533a358a5901b5978d4c3dda035b3cc00dd38c22f10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25248
x-xss-protection: 0
server: cafe
etag: 458 / 19520 / m202306060101 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H2 200 ysm_xuite.js Show response
ad.sitemaji.com/ 41 KB
13 KB 136ms
40ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 19:46:21 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 04 Oct 2021 09:42:04 GMT
server: nginx/1.12.1 (Ubuntu)
age: 28265
etag: W/"615acc6c-a249"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13060
expires: Mon, 12 Jun 2023 19:46:21 GMT

GET
H/1.1 200
OK xui.js Show response
img.xuite.net/xui/ 331 KB
331 KB 2562ms
2562ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/xui.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Last-Modified: Tue, 11 Feb 2020 08:53:32 GMT
Server: Lighttpd
Host: img-02
ETag: "5e426b8c-52b78"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338808
Expires: Tue, 11 Jun 2024 03:37:26 GMT

GET
H/1.1 200
OK screen.css
m.xuite.net/css/V2/ 47 KB
47 KB 315ms
315ms Image
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/screen.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Dec 2021 02:18:50 GMT
Server: Apache
Host: m-01
ETag: W/"61b6ad8a-bd16"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 12 Jul 2023 03:37:26 GMT

GET
H/1.1 200
OK albumlist-banner-bg.png
m.xuite.net/css/V2/img/ 3 KB
3 KB 314ms
313ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/albumlist-banner-bg.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

033dc512c8e08219e66bcdd1f6642346c18515bd5a1e25f9dce3a5955765dd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 22 Nov 2021 07:23:02 GMT
Server: Apache
Host: m-03
ETag: "619b4556-b19"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2841
Expires: Wed, 12 Jul 2023 03:37:26 GMT

GET
H/1.1 200
OK icons-s61afdb56a9.png
m.xuite.net/img/ 31 KB
32 KB 626ms
626ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/icons-s61afdb56a9.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 08 Dec 2021 07:55:21 GMT
Server: Apache
Host: m-03
ETag: "61b064e9-7dd3"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32211
Expires: Wed, 12 Jul 2023 03:37:26 GMT

GET
H2 200 sitemaji_tab_hinet.css
ad.sitemaji.com/ 3 KB
672 B 40ms
40ms Stylesheet
text/css 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 21:22:35 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 22491
etag: W/"5d0b49e9-ab6"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540
expires: Mon, 12 Jun 2023 21:22:35 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ 404 KB
125 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 16:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40512
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Jun 2024 16:22:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
760 B 131ms
50ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b99aa71ad6c6a37a2ba0dfc81be411d8ab39dec8bc02ccae03d6d70f898153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ 61 KB
23 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac409ab223d2d90f29f51ab3ef70592dad90c6a6c10e3c1c4bbda9e4070da5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23513
x-xss-protection: 0
server: cafe
etag: 17305001289307075154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 04:30:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 146ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
796 B 88ms
42ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Jun 2023 03:37:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15470
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 151ms
40ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:11:08 GMT
via: 1.1 google
age: 1578
x-guploader-uploadid: ADPycdtzG9MAwq6I91aRQK5pE-wih_dWbczWixFszgJf3kMZJKB8Vaj4rV0IlqEhusUN8GcyXB2TvV1BP45nXrNy-4LySaz6_SDm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Mon, 12 Jun 2023 04:11:08 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 133ms
43ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 01:47:30 GMT
content-encoding: gzip
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6597
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: k8Xx-M8dZj-njc5APgusH6soUJw1K5EWrc9zFU3HJwn7jmJ6pqSEXw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 146ms
52ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: S7H87XBE379H6WGT
age: 3387
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d5f0e254c443a79-FRA
x-amz-id-2: zwOiW/f5g30CYUewzzLg+7vhFf0Stm7IIlrYXRDsUuDsVoPTccYtGfGD/+K6Omb6j1Vkj8UP5Hs=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 134ms
39ms Script
text/javascript 2600:9000:225b:8c00:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:8c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 05:58:55 GMT
Via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 77912
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: RNUYmRdjxgsvX_La79D6IX3hBfi2RgQ5rh7Lx7fTR7ARUll_H2CnAw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 130ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Fri, 19 May 2023 15:00:55 GMT
content-encoding: gzip
age: 2032591
x-guploader-uploadid: ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 18 May 2024 15:00:55 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 203ms
96ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 13 Jun 2023 03:37:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 76ms
76ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4474828409929710&correlator=2709155276755918&eid=31075063%2C31068366%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fifs&iu_parts=22590772197%2Cxuite_inbottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3946070794&didk=374307839&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1686541046500&lmt=1686541046&dlt=1686541042322&idt=4142&adxs=0&adys=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rumc=4474828409929710&rume=1&frm=20&vis=1&psz=1600x1465&msz=1600x0&fws=4&ohw=1600&ga_vid=302628758.1686541047&ga_sid=1686541047&ga_hid=1018250299&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3qW47YoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjepbjtijFIAFICCGQSGQoKcHViY2lkLm9yZxjepbjtijFIAFICCGQSFwoIcnRiaG91c2UY3qW47YoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN6luO2KMUgAUgIIZBIZCgp1aWRhcGkuY29tGN6luO2KMUgAUgIIZBIUCgVvcGVueBjepbjtijFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9ec3c4f84fd8220705d18e7d26f9823d2b638c5884322e79ff03d301d22518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12585
x-xss-protection: 0
google-lineitem-id: 5784491194
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138362769002
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B01A 6 KB
3 KB 193ms
49ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:26 GMT
expires: Tue, 11 Jun 2024 03:37:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A41 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ6NAT3uRf8X1_Q_LPseJNJH5oIWSgPzI4Iv_i8dfYRwXPScZB6nOma_aUstUEWnLHml6aOnhJ1uemgEbIISGd6Pi6E0Impz197zlDMsw55EoB-EI5CsMButGY8mY6QVeN9eK3JzYf2gRwPWBeE21JfDqbpvEqCtCObEdnFEKfcqbj04c3IQUUtv1X-q0smKRkjFDTM7ROId6EYl77dfMYEXT9YnDT-r59xrogccwPE1x-89w_2bdpIv8PJpi6wUwlw0kEUFgCFQG31UIqloHwmOEpUdNVvZFAuE4KR49yb-MvQ9-jfvVlTNTMbcNxIoDYlVHqBag&sai=AMfl-YQ_QZ0SzFgPfZvy3BcfCT-Wi98IrgmNkESRMxJECVdQt3BwF2xNHTmmbsHPZ6XGopX0ox4iqgRpHa7W3sAnBWmQ63BhVsySsKzp4R1ZhiHHbD1QqRJkAODZ-BykRnQe3lBV4UILcUMpJoKQiozS&sig=Cg0ArKJSzELl3Hd59YTbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1A41 75 KB
25 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74881fcd40aa7550d2d335137845f307148cef2a5de7a52c3a07ca87688ef3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25235
x-xss-protection: 0
server: cafe
etag: 837 / 19520 / 31075243 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A41 175 KB
55 KB 155ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp&cc=1

85 B
202 B

152ms
152ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp&cc=1
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 39489c518819e3f8c11fbe1d810146ea74c43f203df7fa1198430207a39c23fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-2E0i1EvI/fivD7D0xg2rgOmPSIs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 12 Jun 2023 03:37:26 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://m.xuite.net
location: /esp?url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 175ms
55ms XHR
application/json 34.252.159.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.159.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-159-132.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3553e5f1113bdb7435a6c0ed33654f80db6f4f88fd6e491ea9e44bdf944e4cd8

Request headers

Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 03:37:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache
x-server: 10.45.30.150
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 57ms
56ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 2f09c7562c38f35c8d861de4860b0d506d76921e97af57737c6371795fb6f0fe

Request headers

Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 2d4182119593e039ffedb3edcd81fef3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 143ms
54ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.xuite.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://m.xuite.net
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 12 Jun 2023 03:37:26 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 9506c780b7509fa36e955e4d25e73461

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 132ms
41ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.xuite.net
date: Mon, 12 Jun 2023 03:37:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/ Frame 1A41 408 KB
126 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:52:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42272
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128870
x-xss-protection: 0
server: cafe
etag: 11402592609364769902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Jun 2024 15:52:54 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 1A41 2 KB
760 B 48ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b99aa71ad6c6a37a2ba0dfc81be411d8ab39dec8bc02ccae03d6d70f898153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 52A7 15 KB
6 KB 142ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=m.xuite.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 316508
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1A41 107 B
165 B 52ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1A41 27 KB
12 KB 82ms
82ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=208486795592939&correlator=1370135057299523&eid=31075146%2C31075243&output=ldjh&gdfp_req=1&vrg=202306080201&ptt=17&impl=fifs&iu_parts=22152802429%2Cxuite%2Cxuite_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2257615698&didk=1364162757&sfv=1-0-40&sc=1&cookie=ID%3Df4977c1d95c7c14c%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbGXAaUyyJZcKKkWIjj3lZf0bd53g&gpic=UID%3D00000c2ebd95b676%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbU51xABB3GSmqe9RGzHoF0b1HCFw&abxe=1&dt=1686541046861&lmt=1686541046&dlt=1686541046621&idt=208&adxs=0&adys=1604&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=yjzdhpkkosvy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=1966450832.1686541047&ga_sid=1686541047&ga_hid=529988092&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3qW47YoxSABSAghkEhkKCnB1YmNpZC5vcmcYu6a47YoxSABSAghqEhcKCHJ0YmhvdXNlGN6luO2KMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjepbjtijFIAFICCGQSGQoKdWlkYXBpLmNvbRjepbjtijFIAFICCGQSFAoFb3BlbngY3qW47YoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiDqLjtijFIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302461172e66ce2584287af13d376b5611f77078b7b0678e6f6ba68051e140e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11998
x-xss-protection: 0
google-lineitem-id: 5669218934
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358033318
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8655 6 KB
3 KB 67ms
52ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:26 GMT
expires: Tue, 11 Jun 2024 03:37:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1A41 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82bfaaa4778ae743684e9e9a6f3335239bc9347ec89806f702ebf33b4091350b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame 52A7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=xuite.net&sn=ChromeSyncframe&so=0&topUrl=m.xuite.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=5CZbm3xQTXdFOVZXRFFhTUFjR1dxcHZYT040Z3k0NEo4bHZNeWg2K3JJdC9vRS94Z2JMc0l3bmo1MWVpOXNXTDhBcit2clZpaUpxRzRMRTBlbmRpMVVqcDBteml5cnNOWE01Q1JScngreFg0VGdtdndCQWtOTFlvWnBGWD...

425 B
666 B

159ms
40ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5CZbm3xQTXdFOVZXRFFhTUFjR1dxcHZYT040Z3k0NEo4bHZNeWg2K3JJdC9vRS94Z2JMc0l3bmo1MWVpOXNXTDhBcit2clZpaUpxRzRMRTBlbmRpMVVqcDBteml5cnNOWE01Q1JScngreFg0VGdtdndCQWtOTFlvWnBGWDZxbFg3TlRldncvN2luRW5vUDJ6SUp2amVGMEIrbTVINi95a2Vma080QmxKSlE4bW5KNS9XZHkwblFHSkl0ODRURjhMQmZMTStMRmljN3VucVVmZThmVU1yZjNac0ZzYUZLNE1haWhZSXRxVFhkc1gxK1JtdHhvYlBCM0JSZ2wyUDBIemZvQjNpTURoYlVKQzN2bTJiWTBSbW1hUUpJdz09fA&cppv=2

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3319c62087d9c368d689ce37ca316cd7ac1f14e30d1c3a4597e96470420dc789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 03:37:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1167505
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Jun 2023 03:37:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5CZbm3xQTXdFOVZXRFFhTUFjR1dxcHZYT040Z3k0NEo4bHZNeWg2K3JJdC9vRS94Z2JMc0l3bmo1MWVpOXNXTDhBcit2clZpaUpxRzRMRTBlbmRpMVVqcDBteml5cnNOWE01Q1JScngreFg0VGdtdndCQWtOTFlvWnBGWDZxbFg3TlRldncvN2luRW5vUDJ6SUp2amVGMEIrbTVINi95a2Vma080QmxKSlE4bW5KNS9XZHkwblFHSkl0ODRURjhMQmZMTStMRmljN3VucVVmZThmVU1yZjNac0ZzYUZLNE1haWhZSXRxVFhkc1gxK1JtdHhvYlBCM0JSZ2wyUDBIemZvQjNpTURoYlVKQzN2bTJiWTBSbW1hUUpJdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 310895
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1A41 14 KB
11 KB 172ms
64ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306080201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afbde569e053eba354ce4b583bad69ec0edd654d13a2eb1384ceab8a6569aa8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11159
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A41 0
0 80ms
80ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxQZ2eIFzCTB0cjW7XIqNktM7uGL1sYKvkpPzQd5hUV2GbAExHitgIQfLo4jAk0Vb0nk3aRR3hgX-myQtuVJ6M5V_MsZ5YQsc-pEu220-RJUi9qybnuj0wHQrGL_hpJN79PqH0AU7ALIJPTvY_k088A85GtyHC5esfQRarMyHneRpQ9b6g5Vw1RapmbQg3Cp8m9Y2L5jgOa89K0HSMHDsAX5tj3f3YVh5ORJgytW6x-qv-54zwsk6XQ0qNHTqRo2FIX6Qyi-7DhcY5To1XamXcGJNIJXWPkUOoP5pw8XHPr0XhhME4iqJQYQhttoChX1kzqccxaS99YQ&sai=AMfl-YT_CFZ7Fml8NdxGX7EC5FV4FR8vLU7n53pX4-9YR14CnZKQ2wQAsqWzJLrl5lVj1EqZJRXCiTajxixM_HppmqRTZipLeNNveJQAareI7U8h-Pwz1V5svGlRr9U1_F9qtmpsXv3lEEzjsszoVRGO&sig=Cg0ArKJSzHwPQyQhb-FhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72C2 0
0 80ms
79ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0sjNu9pjoxOCjp8VW4kXCEcs5TA-ON3BqaQLxk41XN1ShJYjx_QBEHAm-rkHXla7weAMIEM3sUEj-cVj4L_YXjgsgahT5UQckZkshxh0hT1Yf2TNK_XuSuDnyMCFgp_GSZa5V67TpeRjmAOSQHizSJbcVHVGCLd-olrvLk_cDtE9CTYwXca6uEJSw4xow0-7VppBmIqTPMNhu1DVRBbqDNyawygYGRhBgSwq2JdUazoCBOKVahGSGUVIcqOmzX4tkncuEsh9NNi-XrkrRbh3Vqolm_xNl9xTfAr3Y96fXKr1-c6SXL5ae_Mxw-2WWYw-MxEo42otV&sai=AMfl-YRehaMC_ocbcb4Vky4IYAElISk6NOevOaTDFAwGhqpvzK9JcQbhK0qaf-Vf444tOVcQazubQBTuOHPeEF_PyrZIwqvB4yasWDMjLAigANTfjP3mlBVxinX5xXS19PM&sig=Cg0ArKJSzJxzuBjE7RW6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ad2-crazy.js Show response
content.ad2iction.com/mediascroll/crazy/js/ 237 KB
77 KB 483ms
330ms Script
application/javascript 99.84.88.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.ad2iction.com/mediascroll/crazy/js/ad2-crazy.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-112.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e4abfc8ceafc2f53e31619aed3cfca5241fe5d93c92b3cef3b658eac786f28a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
content-encoding: gzip
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
last-modified: Thu, 18 May 2023 04:45:26 GMT
server: nginx
x-amz-cf-pop: MUC50-C1
etag: W/"6465ad66-3b343"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
cache-control: max-age=86400
x-amz-cf-id: VxpCMpMTFw8R6Jo27QU6Ikpt3bJbTPDuaqxQ4v146FX6fZPOlc6EqQ==
expires: Mon, 12 Jun 2023 01:28:36 GMT

GET
H2 200 tracking.js Show response
content.ad2iction.com/lo/ad2analytics/ Frame 72C2 339 B
791 B 219ms
67ms Script
application/javascript 99.84.88.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.ad2iction.com/lo/ad2analytics/tracking.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-112.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 30830ea1a5344a00a324c77cb68d0104b70012e2367eeab1bafb79dd9b93391d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 6016
x-cache: Hit from cloudfront
content-length: 339
last-modified: Mon, 27 Jul 2020 07:08:22 GMT
server: nginx
etag: "5f1e7d66-153"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: Yw49mLWXM-R3IK0jdq2m6pvLD1VskWqOzS5Eh4OBOjSHVYgmiULVVA==
expires: Sun, 11 Jun 2023 00:53:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72C2 175 KB
55 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:26 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 1A41 61 KB
23 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac409ab223d2d90f29f51ab3ef70592dad90c6a6c10e3c1c4bbda9e4070da5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23513
x-xss-protection: 0
server: cafe
etag: 17305001289307075154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 04:30:45 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1A41 0
234 B 470ms
156ms Ping
image/gif 2607:f8b0:4003:c1c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lisazsh6&chm=1&c=4474828409929710&ctx=2&qqid=COHi6f_mvP8CFeHGuwgd6oIERw&met.4=fb.6~lb.7x~ol.97~idt.33p~dt.-3d&met.9=1.2d~13.3s~2.5s&met.3=739.7x~738.93~749.94_4~740.9s_1~736.9t~735.9u_1~113.b3_4~112.b2_4&met.1=1.lisazs65~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.8d~23.8d&met.7=CBsQCDgB~CCIQBBgBIAgoCDBaOFJoCXBYeKwCsAEBuAED~CDsQChgBIAgoCDBNOERoCXBBeL_HAYABk8UBiAGp2gSwAQG4AQM~CE0QChgBIAgoCDDlATjdAUAJSBhQGFhwYD9ocXCjAXiztwOAAYe1A4gB8_UKsAEBuAED~CEMQChgBIFYoVjDDAThuaFZwfXiS8QeAAebuB4gBx70ZsAEBuAED~CDwQDRgBIFYoVjCHATgxaFdwhwF4iwiAAd8FiAGMErABAbgBAw~CC8QBxgBIOUBKOUBMJoCODZo6AFwmQJ4kAOAAWSIAWuwAQG4AQM~CA8QDRgBIPgBKPgBMMoCOFNo-AFwygJ4imCAAd5diAHb2gGwAQG4AQM~CBsQBRgBIPoBKPoBML8COEZoiQJwvQJ4iReAAd0UiAGSMLABAbgBAw~CCgQChgBIOACKOACMIoDOCpo4AJwiAN4hboBgAHZtwGIAY_rA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c1c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 03:37:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 72C2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f4ca9f493d860311de551590885527f4d2c1e6fba8d6a64fdb3fcd02b8af82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E2CD 0
176 B 146ms
49ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 12 Jun 2023 03:37:27 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1A41 17 KB
7 KB 161ms
49ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306080201/pubads_impl.js?cb=31075243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 03:37:27 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 72C2 43 B
300 B 143ms
41ms Image
image/gif 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=27108638&c3=123456&ns_ap_it=b&rn=1686541047
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: iIxWvWAf4PjyZXxaueVyTR-FaUe8xfYC2oSEb1jp8ztmjmL5RhIXFA==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D22 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:54:11 GMT
expires: Mon, 10 Jun 2024 13:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB0B 783 B
1 KB 150ms
49ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b19d07dfbaca6171829419d58c85deb5d9b725ba51311864de2c34575095125

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mnpcIIBGvvWohw0bsr8aAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-mnpcIIBGvvWohw0bsr8aAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:27 GMT
expires: Mon, 12 Jun 2023 03:37:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72C2 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGuv7wabMmfJ_Mg6mWBL4iPKy7k8FxxyRvSXhbyu-qSl7kFd2Q79uwmfT_YNqco7d3N1Cg-d2kNEF_yGs5WR7VJlY1WMLQo0mfVlNBCyOJLp94frzhAMW9Tsmqie93pL3e7r5XJ3j-Ow1f_NDxGQl63xn2kGDgLfOvtU9sUyP5WJDeFCBrViZX-7zyRbOAE3s9o24__-LusBXKMo4fxTbVqzTNUko7mjsnaGRqDSQxrZzmMDQL4lt6i5o78Tb6qpGBaVOhaM2uheJf9Jou9iYtAWAkuul7uyNDqxdZVg7WSko5Sqj5HQnPm1eJ9f-61I2qd5WqSP-15w0&sai=AMfl-YS6TML73q6-9qoeAOLLTEBonwiBtyLGe0BloRLD5961uehQDPGTrFtloBkxo34jhPh8lSM3pr3wF-ZUTdcQVTniFsz20EDXROLvajm2mKhxW2l32zvbijMJM8CnAtU&sig=Cg0ArKJSzPyIrU5VqucmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:27 GMT

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D22 37 KB
14 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB0B 0
0 74ms
74ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306080201&jk=208486795592939&rc=
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
ads.ad2iction.com/html/v2/ 1 B
567 B 1274ms
311ms XHR
application/json 172.104.109.101
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad2iction.com/html/v2/?id=6e043016-9e9a-11eb-b47a-f23c9173ed43&ref=&rf=https%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=p&v=8&size=march&iso=en-US&_=1686541047524
Requested by: Host: content.ad2iction.com
URL: https://content.ad2iction.com/mediascroll/crazy/js/ad2-crazy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.109.101 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1719-101.members.linode.com
Software: nginx / PHP/7.3.2
Resource Hash: d2e2adf7177b7a8afddbc12d1634cf23ea1a71020f6a1308070a16400fb68fde

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:28 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Methods, Content-Type

GET
H2 200 close-rotation-1.png
content.ad2iction.com/mediascroll/ 1 KB
1 KB 43ms
41ms Image
image/png 99.84.88.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.ad2iction.com/mediascroll/close-rotation-1.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-112.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 02002e982f9fe485496efce8ff92f11fb21a82e3bf427fe13075ed78f254ffaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 17:00:25 GMT
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 38222
x-cache: Hit from cloudfront
content-length: 1063
last-modified: Mon, 08 Nov 2021 08:21:20 GMT
server: nginx
etag: "6188de00-427"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 806pLcnWbWR4OPXYR86nRoBeJWXb4nZmZTUiVlz1Xu61fx9lFKKUxQ==
expires: Mon, 12 Jun 2023 17:00:25 GMT

GET
H2 200 logo.png
content.ad2iction.com/mediascroll/ 1 KB
2 KB 43ms
41ms Image
image/png 99.84.88.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.ad2iction.com/mediascroll/logo.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-112.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: daaff9054abaa12966c131d0d69e252d07bda0d906553299b8274be205fc1c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 04:30:13 GMT
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 83234
x-cache: Hit from cloudfront
content-length: 1488
last-modified: Mon, 02 Oct 2017 03:04:13 GMT
server: nginx
etag: "59d1acad-5d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ITa7Q5jRYF7kwqu88O9JHDb5u9_o0WGq8yb_zUTdLGEX8EhwS4LTpA==
expires: Mon, 12 Jun 2023 04:30:13 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2D22 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tPixRg
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A41 0
0 76ms
75ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306080201&jk=208486795592939&bg=!ODulO2_NAAaGYqkwpmI7ADkAdvg8WnFUrrihKhfLwVETDCFTtFEyUCd0g3MMNXVjx2AbG_GfTMALAFNITbG3fD6aNZLJAIE3JsQCAAAAdVIAAAAEaAEHmQLwLb7wh2N7AxDi1HsshhUxqsa2yQhQRcj2CnFX6chPsXjvLHYqmoQaLJ35xg-X9tWUq2x9VqGYekevbu0C7ZwGvjLsOkylva5a00WUjQS-JdHivTzWbQS9Y6cQEeWbSIx8kH4SKG2GzcNupUifX7oNQTD4C0kWwyAW8ryxktQVxN_DpfJWmm0zeHRE57NF3eOe0_YQrLdHTFkUPZDsf7T9JZLbS20Tc6kGveVBBxd78I11MnDXEz4ZqsDJfXFr8CkwsyhFI2P30Pj-rFLsSFj1XYXdSCJlqZGo9hF-cqeAWLoDmKWdBuiNzqEB9by9XtCqDn2ehRLza80KIEpVYtA5Yhx_0T4Ft9P2bIZZQQfedEr74U09vCV_oQ67YsR0rcRL54LtKtF0_xRZ8YoiU0uQwE6CoCHOYKuToWKVMNXjO0I5q71ZrKZ3IQpERoO6zRkegp_eQRFqw_hl3unW2SHX3CTNVhieH9QVr3F26jC4OC7T4ThBgDQjCh4hWH0vHKuJGx8SXmQoqqeRvtWNi9_Q5rZxFHOxXrZZCT5VTgtD1yrQs5cLMGOfHznzUAP1QYPZPeq5FN_58z80m3trilW9hGVXFWczxHEB_UDYGAMp-nAXQHvhgNb8Nvtis_uWE6Gl1C1bzlsycv0JrDOZeK-dkhrRtFOtKjorI0TsDCq5Mz8lJfpHMu58Q27aX6WrvEqmQMcMo5FMwggY0sz9fC9fjYZOgmX9uAU2Gu9mKtRHuXkOQ_28xNIVKRkal12LRIFvxTqn9Yw_zDf02LS3zgbtsbP6DWzwQfDHJfTWOQjlhkpJDUijcNvvGTBpO_85oxCbDd1E6M0D3_52xuOb2Kc49f9UTYRWnEtBnII4CaUCEJyU5GppTve63iXO1-wEa4WbCCSIpxS82eqOVngoWjIBEq7R3Av7EJttCBbhWHpCMwcqGxG0sbYJuOtDuK6lPZ78d2RP2XKXtf8XHuMbDinTKj1YhiukT0XWCJFHTfL08oU
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 72C2 75 KB
25 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a7a480f427a0f5e53ad5c44b0cf654b96d87ef882e867cade1489f3e129be1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25252
x-xss-protection: 0
server: cafe
etag: 235 / 19520 / 31075165 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:28 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/ Frame 72C2 404 KB
124 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 13:10:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51999
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127303
x-xss-protection: 0
server: cafe
etag: 14748094856067035890
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Jun 2024 13:10:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 72C2 2 KB
760 B 48ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b99aa71ad6c6a37a2ba0dfc81be411d8ab39dec8bc02ccae03d6d70f898153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:28 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 72C2 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 72C2 27 KB
12 KB 81ms
81ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1514551052646387&correlator=36484087694958&eid=31074948%2C31075165&output=ldjh&gdfp_req=1&vrg=202306060101&ptt=17&impl=fif&iu_parts=22152802429%2Cxuite%2Cxuite_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1770098513&didk=2494555188&sfv=1-0-40&sc=1&cookie=ID%3Df4977c1d95c7c14c%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbGXAaUyyJZcKKkWIjj3lZf0bd53g&gpic=UID%3D00000c2ebd95b676%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbU51xABB3GSmqe9RGzHoF0b1HCFw&abxe=1&dt=1686541048990&lmt=1686541048&dlt=1686541046959&idt=2004&adxs=0&adys=1621&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=2wpoa9abpwu5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=860221849.1686541049&ga_sid=1686541049&ga_hid=1738968645&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3qW47YoxSABSAghkEhkKCnB1YmNpZC5vcmcYu6a47YoxSABSAghqEsIBCghydGJob3VzZRKsAWJ6UnFkdGxtbmNZclpvWHZBd0hlUE14REZSVDRzb0g0VXBSdHVBSm5Md3JoZzgxcVVqTFg3VU90bEV6azdKTkRpM2dvb1ZIZ2FNVy9oSFNSOUhhd2h4TXdKbVkzSTkwUXNmcGVlTlp2U01MZ2FLdk92WDJwbjh6OHhNT2FTSEtuVGx3dDFmOUE3RysycnV1NHJWLzUwSld5YllqVUh6WGp6NGExZWZLRHJVdz0Yh6m47YoxSAASHQoOZXNwLmNyaXRlby5jb20Y3qW47YoxSABSAghkEhkKCnVpZGFwaS5jb20Y3qW47YoxSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1WTkhlR2w2ZWxsU1pIbG5USGR0VUdvd2JYVkRVVDA5SW4wPRipqrjtijFIABIbCgxpZDUtc3luYy5jb20Yg6i47YoxSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73a91cc1910ec6b518df0a55e0c0dbaf0106bfdf936af75ddaf1e8304fa20a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11974
x-xss-protection: 0
google-lineitem-id: 5669218934
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358033318
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 72C2 15 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21e57626a8996536d0457daf4cd00d9a2e591be9ddae537aa050823a30e1e32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11354
x-xss-protection: 0

GET
H2 200 container.html Show response
84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A4A 6 KB
3 KB 72ms
48ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:29 GMT
expires: Tue, 11 Jun 2024 03:37:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 72C2 17 KB
6 KB 479ms
479ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C599 0
0 80ms
80ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuN7y7TlWaW2FLhwXRDlCqxPdM6HUZtABTROpoNI3tVS7F7JooP4iuNcPGUPYakxJmir1eAXO2_D4mJkNqZQRNNnxNRCzO9zYd0GFP2a2qvig6c-ADllYmGDC3BfS2B-HMlDbNdhhTgkrKdiFZnMtTQZUiUkWvwUwu_naMmy_xele9mte7MXyYJrlyOGlAesyR_GckkJsZgmrgFC9IZC6Kia7Am467fQCQAioG1uBPZ8c8T0jKctXgxpZqFExJ-_5p8h6NNKTdNcCuOCrx2hsgfTgOR3nlvGbb9aARAndbeHQlrO125AcWXnAtUwaTEyksryEqD_Jwr&sai=AMfl-YR5lWcUk3z2JOcUbeED_wekqCbIQANs4e1YWsU82mEg_EKJRHgAnAe61vuklEgPsQmcy5j6lO32QMSS4lUK3Ampg-2iHvKfHaBIV4zsz0XNC8DwJzQKXeGGEzjB2zs&sig=Cg0ArKJSzAIMh95WiPL0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tracking.js Show response
content.ad2iction.com/lo/ad2analytics/ Frame C599 339 B
788 B 42ms
41ms Script
application/javascript 99.84.88.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.ad2iction.com/lo/ad2analytics/tracking.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-112.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 30830ea1a5344a00a324c77cb68d0104b70012e2367eeab1bafb79dd9b93391d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:27 GMT
via: 1.1 47225389ee58add3b9e790ead940cda4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 6018
x-cache: Hit from cloudfront
content-length: 339
last-modified: Mon, 27 Jul 2020 07:08:22 GMT
server: nginx
etag: "5f1e7d66-153"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 3uTiLOc10RRiLilWHMJcpzFimHqkEkT_9tc5UPn5Kx3k8CrsPgqQ0Q==
expires: Sun, 11 Jun 2023 00:53:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C599 175 KB
55 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306060101/pubads_impl.js?cb=31075165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H/1.1 200
OK / Show response
ads.ad2iction.com/html/v2/ 1 B
567 B 313ms
312ms XHR
application/json 172.104.109.101
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad2iction.com/html/v2/?id=6e043016-9e9a-11eb-b47a-f23c9173ed43&ref=&rf=https%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=p&v=8&size=march&iso=en-US&_=1686541049103
Requested by: Host: content.ad2iction.com
URL: https://content.ad2iction.com/mediascroll/crazy/js/ad2-crazy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.109.101 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1719-101.members.linode.com
Software: nginx / PHP/7.3.2
Resource Hash: d2e2adf7177b7a8afddbc12d1634cf23ea1a71020f6a1308070a16400fb68fde

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:29 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.2
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Methods, Content-Type

GET
H2 200 p
sb.scorecardresearch.com/ Frame C599 43 B
300 B 41ms
40ms Image
image/gif 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=27108638&c3=123456&ns_ap_it=b&rn=1686541049
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: ffJOdSVq3oH7VdZYPvmwz_ulGCZxrLdPhWTBAV6MCGf5mNx_kJbRAg==

GET
DATA 200
OK truncated
/ Frame C599 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6f234f283300c457edcb301942b934984661d2aed19542f52e4ff84d682841a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C599 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYIsY_d3XhQ2b-I-Y_fFmbanp9ljv6nMTrUhRpBDoQmHzBFEvTYYQQjRL6B2PP3kIzsDWpCyHwsf6EqVrpeR5tscz3EYdZg3Em4c2esaJvw1bWMrWengwJdmhAS_wx2vjPKw2ho11E3_T1FSEjUbv6KYFEix2p7ZHkQeEexnnx9_gZcthxbCE-uKkxVPE8hhVdMmQO8ARE-WEQJ4eJFQ_89fN49gIaaM2RIC1HwlUYSsnx_2dqyLnyyact7uVkPZYUTpYSiIHgxfRXw_TcazPhtoov4DjIc5yX-CYjR0EERBgNBsRXRDQ7d5a6_cq5mjPB9pLembmXPks&sai=AMfl-YQbIk8Y-njZKFytnKwJjrKh0NK8h8omMOnMbxElQ3A64NekgAYZvv3qGA27Qoh67Exo0ju_rXxI6wAJaephyW4wE3EC6TfvahQr4jLdcQw2oQp0YnkymUUkJToqi54&sig=Cg0ArKJSzO8MVqG9_h-vEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C599 76 KB
25 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56bb60ebd2bfa7d5a828c04cffa26e977318ab4616a60d10960b475ca91117bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25529
x-xss-protection: 0
server: cafe
etag: 548 / 19520 / 31075209 / config-hash: 404984007886724395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/ Frame C599 404 KB
125 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 10:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61677
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127703
x-xss-protection: 0
server: cafe
etag: 12901696529074996400
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Jun 2024 10:29:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C599 2 KB
764 B 48ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6d71960a6026eb3513a3f4bb213d7d046243e93ce52c24682c5f60718c701c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 739
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A9E 13 KB
5 KB 45ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:54:11 GMT
expires: Mon, 10 Jun 2024 13:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F1E6 783 B
765 B 55ms
50ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58b2adbaf1eb4f3c0ad60f5cb0968a5e502449dea1efd0cc17e2c8b1c1cb8b6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dC9d5v9lX2HJCqjWAi-PNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-dC9d5v9lX2HJCqjWAi-PNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:29 GMT
expires: Mon, 12 Jun 2023 03:37:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C599 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C599 32 KB
13 KB 85ms
84ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1558615613309414&correlator=2621002617356618&eid=31074948%2C31075209%2C31075234%2C44777901%2C31068367%2C21065725&output=ldjh&gdfp_req=1&vrg=202306070101&ptt=17&impl=fif&iu_parts=22152802429%2Cxuite%2Cxuite_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=1770098513&didk=2494555188&sfv=1-0-40&sc=1&cookie=ID%3Df4977c1d95c7c14c%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbGXAaUyyJZcKKkWIjj3lZf0bd53g&gpic=UID%3D00000c2ebd95b676%3AT%3D1686541046%3ART%3D1686541046%3AS%3DALNI_MbU51xABB3GSmqe9RGzHoF0b1HCFw&abxe=1&dt=1686541049615&lmt=1686541049&dlt=1686541049092&idt=494&adxs=0&adys=1638&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=7zz93xw11o7a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=304270937.1686541050&ga_sid=1686541050&ga_hid=1102905575&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY3qW47YoxSABSAghkEhkKCnB1YmNpZC5vcmcYu6a47YoxSABSAghqEsIBCghydGJob3VzZRKsAWJ6UnFkdGxtbmNZclpvWHZBd0hlUE14REZSVDRzb0g0VXBSdHVBSm5Md3JoZzgxcVVqTFg3VU90bEV6azdKTkRpM2dvb1ZIZ2FNVy9oSFNSOUhhd2h4TXdKbVkzSTkwUXNmcGVlTlp2U01MZ2FLdk92WDJwbjh6OHhNT2FTSEtuVGx3dDFmOUE3RysycnV1NHJWLzUwSld5YllqVUh6WGp6NGExZWZLRHJVdz0Yh6m47YoxSAASHQoOZXNwLmNyaXRlby5jb20Y3qW47YoxSABSAghkEhkKCnVpZGFwaS5jb20Y3qW47YoxSABSAghkEj4KBW9wZW54EixleUpwSWpvaU1WTkhlR2w2ZWxsU1pIbG5USGR0VUdvd2JYVkRVVDA5SW4wPRipqrjtijFIABIbCgxpZDUtc3luYy5jb20Yg6i47YoxSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

988682a7eb7e7f96d9ee9b625e1dc2c235397c3e741728177cb3c35b730b56d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13439
x-xss-protection: 0
google-lineitem-id: 5669218934
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138432832638
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C599 14 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dc013d63efb2e8c101b3e06e0ec1bce72d13c559206e530d31b2f46379ccbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11177
x-xss-protection: 0

GET
H2 200 container.html Show response
e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 17B0 6 KB
3 KB 63ms
47ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:29 GMT
expires: Tue, 11 Jun 2024 03:37:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F1E6 0
0 73ms
73ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306060101&jk=1514551052646387&rc=
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A9E 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C599 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65BC 0
0 91ms
91ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrdo45_whraBi3tNug6elCV1SeR5nNDQ-pZNsJI2ISJlYnp3LjaEmEpSde5bPp5wHfNQ1OvAPV-_dXmKxuPTxaSchFBxz7Hc6z84PNfyOMFpaYipD9uYu4NybRq4w5IiNfALXEJGL8m5W6vDi6-DOC1hM6CYjTj2ZcJ1R7Eknu1E6rcKRTCMykBsQc8S_7HzuohySC_CuFtqArgaO2Tjila5QgHTi0LyRCN2iaIQT8odQS4UrjJkiupLt9Z1-trs4IyGE4V82sHvjbNMTtzu0P7gEePQF7AUgRVzLd109KBvJUu2G7hTFFun_Oponk60nvmRiQkn4T&sai=AMfl-YTShgJCh33vAQJlwwTab-6gVkuj21OHFxVFyi6RRNi9BCS4hGM3R4__fzMXlwnjBnqpMJcXTpxGRCpsAVArrtx2SczwXT65IH47QOTJ0S3wtcXTL0RaMTzaWNDa8qM&sig=Cg0ArKJSzCDonei2X_KCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 8 KB
5 KB 820ms
263ms Script
application/javascript 104.199.210.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

12ef4ec2ac92904b4f8d2742ee09acbeda2bb83fb896425b357ea31d059d7c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:30 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H2 200 VM5AdLite.js Show response
man.vm5apis.com/dist/ 55 KB
16 KB 184ms
47ms Script
application/javascript 2600:9000:206f:7200:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/VM5AdLite.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9321bf7c5e14cef31f62d7b5469200de3dddae0b89c1409512126d1e62271f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:35:38 GMT
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Fri, 24 Mar 2023 10:39:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 195
x-amz-server-side-encryption: AES256
etag: W/"71052079210667b37a53addf48e9e143"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: IAO76y51F_qcf1LcToM47xsinotB-8J8WWxNHGrv-cmlg2RZkWz2TQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65BC 175 KB
55 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 03:37:29 GMT

GET
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ Frame 65BC 35 B
434 B 825ms
279ms Image
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pt0.vm5apis.com/api/v2/pixel?provider=GAM&event=placement_landing&eventDetails=%7B%22placementId%22%3A%20%226461c94cd0a531000135e82b%22%7D

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306070101/pubads_impl.js?cb=31075209

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:30 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BFC6 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Jun 2023 13:54:11 GMT
expires: Mon, 10 Jun 2024 13:54:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C33D 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d30251ef44a68b9cbe2d0072de647a6095c2af6c21f5b52eb497c29470d7e733

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9_NlYYu88wqBBPnq2aRWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-f9_NlYYu88wqBBPnq2aRWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 03:37:29 GMT
expires: Mon, 12 Jun 2023 03:37:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A9E 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3WRm2A
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C33D 0
0 73ms
73ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306070101&jk=1558615613309414&rc=
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 200 mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js Show response
pagead2.googlesyndication.com/bg/ Frame BFC6 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mZQVpQj-eDQajpu59Vq9E2pMu32_YVAoNW79LAI6QMI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 19:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 461136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14716
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jun 2024 19:31:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BFC6 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UyEzOA
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72C2 0
0 76ms
76ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306060101&jk=1514551052646387&bg=!m5ilmMzNAAaGYqkwpmI7ADkAdvg8WmhlxgnNc7htEohDE6U6Ejx8OvhhYvfrDG-fD6O7z42tvjc1R3I9lTAOS9XYUBqYH_vnHPYCAAAAalIAAAADaAEHmQMkUzgfMVlC-PoYPEg_Luj8o9dXITgysR7hJaT2v4vwBmlQ39q0Op2XsQK8-XVwBM2RXf5bqCjIw-rBaDNUAdrbyvbaMD9Kr35l7qMfsTbuUm3s5Dj190Sd8DwvvMeii3nwmfBGshxWrep0uomeIhuy6iv-0yhAddqsACcep7Z8Bpq58QZC16PWt_k0Z3GIjaSGk6K_Qhoc-lEcO-a2SnOdg8XtvG1oEQIhQp4OxPkmaZMpaLDYxvmanxgwVjKeUCFwldtE4qmi7LuM7x2PaNT3A28EdKIcRD54cjmBaeCGlS9HJdBlwS9ld28Tryl6MhEN6b3kFQBLgmDO4ZEa6nWTIfyaUcRnuSndEyNYR-D8pSKmmvin6iFX_fbyNAAcr-fOws7_cNNDb_aq4xDBA9srXK70uysMhwNwOWrqFA8eQtZObxs41BER3R5AQONC67mONKs2Op0qxbby12zF-SC863TeVy8Kk-Rr3vfzWLkvlil15m6b3fZTLoQmsZEeHU0wOQv2hVXzkOgt4VLvYnkdyCZlpzMusl7Mtc0WB0ZhU7646KKmjjvZd215Cs4ZukSwiwXbIpWxgDWc6v0aJj50VqzFxGk64txoenqV2uOqsyViIo9M20OYkigQa1bhv_oBgzUMaGfY-3E8EIJoqcZsfLO6hqoHyXMTPgj4TGnyCSrKWgvca5LPfmUw4sG4npUDhmO_qlg0sIliEUvsrXWa68ylOGCIfFp_Zq3-8boWJ8WCc3re36TdJwqBZw1jbk7ulgq1jDiFPVxsTGjsj8P7hB9hCTszJ62I50eglkmq26sikrkg8GCmFsayYDwvHD-l7cnxuBcjjRKzNjmK_UQdzhVR8DZxP_mJmWeNHqkcUsG4_kTMDGODWfzyyLFWPcrfy5TBt2wAnc0Ec_3AhHnK6GwInaNX0QAYDfIPoZQgZVc79zF0d4Oslj2AQTij4_t9HE8hRTpiTwoF8GNzMED_ZJ48D7Z5qBO6qrjxHGGch2bNfNhkH1wUE1sF_SgxiMabmvylkFvYa30C3c2N5m2EM9xnJAMJ8YWV0UdPUZBNMQ7keiAC
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C599 0
0 77ms
76ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306070101&jk=1558615613309414&bg=!y8ilyJzNAAaGYqkwpmI7ADkAdvg8WjoRd4-s4MD1C3GuZZ5xtKt_DcM9Sf03rQfvlKLcInnjL-Gc8pQdQPz-94-IAdyEF0xiAAICAAAAYlIAAAADaAEHmQMSeZ_r2OVWcDe0AKjDi57_W_7y0GMohl0dYmhlhHMTfPGTkIWtcQ2mKqRR5aiA7kzMr9XxiMuhR-n-yT7utdFbD32r_PjXz_Q1bWYpw2hl4SMQnOkaGXy9j067paeoMz7XjH1ydBKRCgK1ndiTbzOX6EtxYFYykWy6nLXa-BR_OAspiXn7SSeD7Cy5Wjn_jMMwLGoGIHCSiK4shq5wXzIyuBIdJEXqj-Fy4HJhwiQa3X12paJnwm7yFxeiwyQ1q-YhuW4nvnb0Dy3bY5jl-6ZJQyK0TPHOxqf1-iHmsXmncSnE0nqcDWxYymGgB_eYgxAPcitCoo-BYrQACEsipBDIpX2VhlZJw4X0pD_ksdAb6QzdKL9Ob30ox82LawMv6WoRVtcrcj-AfGYinaI4qA1s2VVJNt1r68M_KfiGVn-crXV_QMYBwksK58Oga9ONJKGJq65YeEyMpn6zVz2A6aaktNaw_0R7EodLZrIERVST9lX502Cm47grZcbHm7O8Yz-8vV2IHdC__6QjTNXpy__tW0L6miLtyRoluAJdkNmPVQAnlvmOkX8bwnW_YnxNRgcPy09y0EAgKr4UgmNM1l9WRiZLj2Khl2jzKhEaKtSvhe1VxJwrWgObLHA7YKLdMLCEfvSPhg7HxamVHb5qD-dVOP9My_jSPfoNAhmAPHAB8aQN4aOFaP7BFtRytd2eQbG3Q5J-obKmwkMxvL1ZqjUyte2wEhM7VCpynz8DoH-qZwVcLtXrxQu8YEy5FxjAklhViK0OM5Wo7vPdNPQ9wGxHzmTo9GNsqq_2UuyrVOh-vU2zaKIIMtMWaoBUxhsrmAdhq7oAW5NF43dlYsuhq_C-Y0RTTFqsAA8GhcsIRCz2FPwLxmHXo9R78EWIa4MpmiZcbQIOdn8_t4R3_MnhduT63ed-egi-H-upeRw-zPhCwGwt03nLmWNnqF46qYMBniUD42C4VDCKpgKlSv2CYbKvlJmrfNSQ9B7_Gm4aLtD-XQ6rX6pTUmIu8wUw-upTdWDQDhmw8te7roqGoGsgWJRm9nIQ
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ 0
192 B 1073ms
261ms XHR
application/octet-stream 104.199.245.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=92fb0386-558b-4bc6-a3d9-d363e44185dd
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Jun 2023 03:37:31 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65BC 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYCLu095hQfNsiCkTc9csJAFBeZ5EHu6zNljq9TDzLADMspTxiwvXuwkFdOBBTMVW_P6iDJTKaj-D8ptlE4WMFzor4D5Jmq7xOU4bWMgPQTfEf6VTbFzKIf2tSSkbzZJeH2JWufVQVoZS7XLGLwdx99wM1M9_XhqqBDr28xc8hJj8NMI-DItRpNKf0YqeLdP8HHRjzsOhhoP8EwXIItUIZclXTE4aE4PhnsXTvELCND1C9IhIGdVFMNaHdN_GpbVPXtYKxhKCTMRhJfIGmvP8lAroG7FO81uXz_LAOKLxaits32qKQzPSLuoP4XSZjimX6hs37gf5QwYE&sai=AMfl-YTAlFa93XfzXtAiJaWEYrLX7cQ94jWyBqdcZEQPc876dkVQ8Db0p1XCZWlE_yfgGd4XMro5J-XfDk-QVBTOs9rGHCZ9qVofjoCSWLFxuSICYbmCVc2whVrGfg1jap0&sig=Cg0ArKJSzPGa9qzhsNklEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 03:37:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Jun 2023 03:37:30 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 158ms
157ms Ping
image/gif 2607:f8b0:4003:c1c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lisazs3n&c=4474828409929710&e=31075063%2C31061691%2C31061692&ctx=1&met.9=1.6dh~2.6h8~13.6ht~9.0~3_1.6il~7_1.0~4_1.6l0~5_1.6lk~6_1.6lm&met.10=1_1.CAAQABiAmHUg4EEoAA&met.3=112.6j3_1&qqid.1=COHi6f_mvP8CFeHGuwgd6oIERw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4003:c1c::78 Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 03:37:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookie,cycle
img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/ 222 KB
0 2921ms
2921ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Mon, 12 Jun 2023 03:37:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Apr 2023 07:15:15 GMT
Server: Lighttpd
Host: img-02
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Expires: Mon, 12 Jun 2023 04:37:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xuite.net/	1969-12-31 23:59:59	Name: XWWWSESSID Value: 2ueun3e139016gvskprq2t5sp3
.xuite.net/	1970-01-20 21:50:37	Name: __gads Value: ID=f4977c1d95c7c14c:T=1686541046:RT=1686541046:S=ALNI_MbGXAaUyyJZcKKkWIjj3lZf0bd53g
.xuite.net/	1970-01-20 21:50:37	Name: __gpi Value: UID=00000c2ebd95b676:T=1686541046:RT=1686541046:S=ALNI_MbU51xABB3GSmqe9RGzHoF0b1HCFw
.doubleclick.net/	1970-01-20 21:50:37	Name: IDE Value: AHWqTUn5RKwles7oBkQSdxiV1rnqGYlG45QAbP7IbkyGVKCHQZ-zBb0-qs2SSUjuNTA
.criteo.com/	1970-01-20 21:50:37	Name: uid Value: ab2663a6-3cea-493d-8263-3c9302add051
.openx.net/	1970-01-20 21:14:37	Name: i Value: d521b18b-3cd8-45dc-a02f-098f8f49ae09\|1686541046
.xuite.net/	1970-01-20 21:50:37	Name: cto_bundle Value: qz-5Fl81cnNtRGFESjdNM1JKa0lEZGhMTHolMkYyU2I1Y1NjRnlaMEZYbEk2WUw0TUJTQzI4Z3I1Wms1SENidFY1U0tYT0s5OWZYdWF2cm9DcnB2TzFJVElVU2RVdmpEeFpYeHd5aHBmbU9Ib3VUJTJCTnJ0WVJzV3JGJTJCdk1IZVRnNWVqNFpYZTlONXpsUFhXZ0dmM3BJd3lOQXAxbnclM0QlM0Q
.xuite.net/	1969-12-31 23:59:59	Name: FOTOSSID Value: tg2p09rlps0h8933qrocar04i7
.xuite.net/	1969-12-31 23:59:59	Name: referer Value: https%3A%2F%2Fphoto.xuite.net%2F%40ack

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	Message: Refused to frame 'https://xuite.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.share.photo.xuite.net
77d1049a413459d0128142083a88317b.safeframe.googlesyndication.com
84169b97ba13c8bcc368316fe6065e7f.safeframe.googlesyndication.com
ad.sitemaji.com
ads.ad2iction.com
adservice.google.com
avatar.xuite.net
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
code.jquery.com
content.ad2iction.com
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
e2d1c2d187b94f897b8c514322fc3cb0.safeframe.googlesyndication.com
e9954824f35e87f9d925bc4e16a09050.safeframe.googlesyndication.com
esp.rtbhouse.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
img.xuite.net
invstatic101.creativecdn.com
letter.postlinkhk.com
m.xuite.net
man.vm5apis.com
match-hubble-man.vm5apis.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
photo.xuite.net
pt0.vm5apis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
vawpro.vm5apis.com
www.google.com
www.googletagservices.com
xuite.net
d31qbv1cthcecs.cloudfront.net
104.199.210.210
104.199.245.202
13.32.99.105
141.95.98.64
172.104.109.101
178.250.1.11
2001:4de0:ac18::1:a:3b
2001:b000:1c9:7600:0:a:d23d:3818
2001:b000:1c9:7600:0:a:d23d:3822
2001:b000:1c9:7600:0:a:d23d:3827
2001:b000:1c9:7600:0:a:d23d:382a
2001:b000:1c9:7600:0:a:d23d:3831
202.181.141.186
2600:9000:206f:7200:15:a9a7:4a80:93a1
2600:9000:225b:8c00:a:e047:753:be1
2606:4700:10::6816:3456
2607:f8b0:4003:c1c::78
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2002
2a02:2638:3::c
2a02:2638:d::2
2a04:4e42:600::485
34.102.146.192
34.120.107.143
34.252.159.132
34.96.70.87
34.98.64.218
35.186.215.140
35.190.39.111
35.194.212.25
65.9.66.104
99.84.88.112
02002e982f9fe485496efce8ff92f11fb21a82e3bf427fe13075ed78f254ffaf
033dc512c8e08219e66bcdd1f6642346c18515bd5a1e25f9dce3a5955765dd42
04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793
0c384e9f5a0511e6e45bbaf26eba3f51edf331b05e20efa57f243d87ad4c452e
11d575c2cf05f9d0b10907559c4ab8df9254d2f23bde2b24fedcc611779394b4
12ef4ec2ac92904b4f8d2742ee09acbeda2bb83fb896425b357ea31d059d7c29
1a7a480f427a0f5e53ad5c44b0cf654b96d87ef882e867cade1489f3e129be1f
21e57626a8996536d0457daf4cd00d9a2e591be9ddae537aa050823a30e1e32b
26a08019e4ce5c38e2bc902f0fdca6acba1edb884cc9e1deba30ac97e3404eee
27b581015428d488e994e4b19cbe263be0a07de9ca0348081ca2b3039aa1ddf8
2e4abfc8ceafc2f53e31619aed3cfca5241fe5d93c92b3cef3b658eac786f28a
2f09c7562c38f35c8d861de4860b0d506d76921e97af57737c6371795fb6f0fe
302461172e66ce2584287af13d376b5611f77078b7b0678e6f6ba68051e140e2
30830ea1a5344a00a324c77cb68d0104b70012e2367eeab1bafb79dd9b93391d
3319c62087d9c368d689ce37ca316cd7ac1f14e30d1c3a4597e96470420dc789
3553e5f1113bdb7435a6c0ed33654f80db6f4f88fd6e491ea9e44bdf944e4cd8
38b99aa71ad6c6a37a2ba0dfc81be411d8ab39dec8bc02ccae03d6d70f898153
39489c518819e3f8c11fbe1d810146ea74c43f203df7fa1198430207a39c23fa
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc
41feb9d42dced3b79ae2f422974c19716d5b74f6c349197801a238fba15cd43c
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b92b6a210a1c4ca08d3703f2956e8bdd64531d11e4d4fdc2408f709d46224d6
527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bb60ebd2bfa7d5a828c04cffa26e977318ab4616a60d10960b475ca91117bf
58b2adbaf1eb4f3c0ad60f5cb0968a5e502449dea1efd0cc17e2c8b1c1cb8b6c
607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06
723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659
73a91cc1910ec6b518df0a55e0c0dbaf0106bfdf936af75ddaf1e8304fa20a6d
74881fcd40aa7550d2d335137845f307148cef2a5de7a52c3a07ca87688ef3af
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
809b827f88bbbaf0eaf9d639ac60b09360d4dd1f3f422854b94747770913d817
81f4ca9f493d860311de551590885527f4d2c1e6fba8d6a64fdb3fcd02b8af82
82bfaaa4778ae743684e9e9a6f3335239bc9347ec89806f702ebf33b4091350b
82e489102b53928b74f6822a8be9f03c7c974e26096c55d4832c61b13baa7771
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8dc013d63efb2e8c101b3e06e0ec1bce72d13c559206e530d31b2f46379ccbcb
917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89
9321bf7c5e14cef31f62d7b5469200de3dddae0b89c1409512126d1e62271f4e
9346c9fa1638e839d87b92dd3357e784b9a8519bcea507bc51df392a2b8e8ac7
95f5b216a5060ef195de4c0e420b84f7fc7389b1829fe2ba7624c61e595d55d1
971e05265ac733b8b680ceda40289532d70d3969ced9102074df951b8ca4d8b2
988682a7eb7e7f96d9ee9b625e1dc2c235397c3e741728177cb3c35b730b56d5
999415a508fe78341a8e9bb9f55abd136a4cbb7dbf615028356efd2c023a40c2
9b19d07dfbaca6171829419d58c85deb5d9b725ba51311864de2c34575095125
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aba04cd4ec1f9aa3c9b0fc1067d2679357c451515ea586adeef0032206d9dd9d
ac409ab223d2d90f29f51ab3ef70592dad90c6a6c10e3c1c4bbda9e4070da5af
ad453851d7d827829599ea086e5807e3ddb9e619bf07985800b4486ea5a2dc35
aedc8dde3943b71dc68535bc49e008bddd5013edc62003d4db6290e1455c8bba
afbde569e053eba354ce4b583bad69ec0edd654d13a2eb1384ceab8a6569aa8c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f234f283300c457edcb301942b934984661d2aed19542f52e4ff84d682841a
ba2d99983779077cf8f28146ae97fc3681861dd8a20c22636bff07a2505f2398
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d2e2adf7177b7a8afddbc12d1634cf23ea1a71020f6a1308070a16400fb68fde
d30251ef44a68b9cbe2d0072de647a6095c2af6c21f5b52eb497c29470d7e733
d9a711216bb3a73145b689a5455848b75413343208372f526d9b6d9e6bf324fe
daaff9054abaa12966c131d0d69e252d07bda0d906553299b8274be205fc1c64
dcc43285ceff8137bef3533a358a5901b5978d4c3dda035b3cc00dd38c22f10c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57bd5b5c4127dbdd50f12387075e7aabf8a78bfecf645696de0df4693b73007
e6d71960a6026eb3513a3f4bb213d7d046243e93ce52c24682c5f60718c701c9
ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f
ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce
efa58e6c55e790f1c83deaa0e2b30bb1a075acc2ed6ec0f50f928c0d42dbc472
f125ac911d1ba7e0f09ac1f7490774eedb4fdf389d5ea40d2c2892c9021c90f1
f23da9dc04eeabf1c364f80876a42eed13a8e3798ee5645b905f548baf9e8e44
faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e
fb9ec3c4f84fd8220705d18e7d26f9823d2b638c5884322e79ff03d301d22518

m.xuite.net Open in urlscan Pro 2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

98 %HTTPS

54 %IPv6

23 Domains

42 Subdomains

36 IPs

8 Countries

1994 kBTransfer

5288 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

98 %
HTTPS

54 %
IPv6

23
Domains

42
Subdomains

36
IPs

8
Countries

1994 kB
Transfer

5288 kB
Size

9
Cookies

130 HTTP transactions
3 data transactions