www.live4d2u.com Open in urlscan Pro
2606:4700:3037::ac43:d651 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.live4d2u.com/
Effective URL:
https://www.live4d2u.com/index.html
Submission: On October 22 via manual (October 22nd 2020, 3:02:39 am UTC) from MY

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 141 HTTP transactions. The main IP is 2606:4700:3037::ac43:d651, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.live4d2u.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 17th 2020. Valid for: a year.

This is the only time www.live4d2u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	2606:4700:303... 2606:4700:3037::ac43:d651	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
2	61.213.187.169 61.213.187.169	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
6	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
141	16

35 2606:4700:3037::ac43:d651 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.live4d2u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 61.213.187.169 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com tpc.googlesyndication.com 3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com	734 KB
35	live4d2u.com 1 redirects www.live4d2u.com	345 KB
17	ampproject.org cdn.ampproject.org	355 KB
17	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	214 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	google-analytics.com www.google-analytics.com	38 KB
4	googletagservices.com www.googletagservices.com	90 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
2	google.de adservice.google.de	2 KB
2	facebook.com www.facebook.com
2	googleadservices.com partner.googleadservices.com	1 KB
2	genieessp.com js.genieessp.com	482 B
2	googletagmanager.com www.googletagmanager.com	75 KB
2	googleapis.com ajax.googleapis.com	60 KB
141	14

	Domain	Requested by
35	www.live4d2u.com	1 redirects www.live4d2u.com ajax.googleapis.com
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.live4d2u.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
17	cdn.ampproject.org	securepubads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.live4d2u.com
8	pagead2.googlesyndication.com	www.live4d2u.com pagead2.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.live4d2u.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.live4d2u.com
4	www.googletagservices.com	www.live4d2u.com pagead2.googlesyndication.com
4	maxcdn.bootstrapcdn.com	www.live4d2u.com
3	www.google.com	1 redirects www.live4d2u.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.facebook.com	www.live4d2u.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	js.genieessp.com	www.live4d2u.com
2	www.googletagmanager.com	www.live4d2u.com
2	ajax.googleapis.com	www.live4d2u.com
1	3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
141	19

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-30` - `2021-10-29`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.live4d2u.com/index.html
Frame ID: 72796C28F1EE6943BEC3C299940C9707
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/zrt_lookup.html
Frame ID: 188B1F9781434D582454E28C396B8962
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300
Frame ID: 3D65366A9247DCF46E213846A83ECAC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741177&bpp=43&bdt=844&idt=157&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=473245103794&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jj2KfIQTo1&p=https%3A//www.live4d2u.com&dtd=172
Frame ID: 85B86E88C21FD012BB4D7D13BA422131
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741221&bpp=3&bdt=887&idt=137&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XoRt1ruzsi&p=https%3A//www.live4d2u.com&dtd=140
Frame ID: 2172C5A3C648DC3C338DBF5B3AD35B8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741238&bpp=3&bdt=904&idt=126&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iW8Zwzmq88&p=https%3A//www.live4d2u.com&dtd=128
Frame ID: BFC087192D97D12F205A8BD8EBB1D6F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741282&bpp=1&bdt=948&idt=91&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=96
Frame ID: A8AE314EEDC34F704DD08F47CE6E2D30
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300
Frame ID: E54A00657E0E70663A649658ABB04223
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/zrt_lookup.html
Frame ID: 2517D7B49638BB6B23FD169D87260BA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742037&bpp=6&bdt=345&idt=73&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=5597541039446&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lxiBDEY5pR&p=https%3A//www.live4d2u.com&dtd=80
Frame ID: 5CF5F873CD7446B24C1473CBE6358429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742043&bpp=4&bdt=351&idt=79&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NnMgl73y7U&p=https%3A//www.live4d2u.com&dtd=82
Frame ID: DC3985ED2DB3450BDFCE40EC6F1C6CAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742047&bpp=2&bdt=355&idt=81&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5z2Yu7WzGD&p=https%3A//www.live4d2u.com&dtd=83
Frame ID: BF560843F5025DC1FCD0531F47F00BE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742049&bpp=1&bdt=356&idt=84&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=88
Frame ID: E9D5A6B4D3B81AA264C760F4E17024BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js
Frame ID: 1645262D021C360F8720D8BE9BE7CD96
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js
Frame ID: BD2884C0481C561AAA9F157F7A167876
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js
Frame ID: 723365B4C97FD69B9B048A2B4A33CD4F
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: E2B937BDE3C1A38585B34308962E2363
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.live4d2u.com/ HTTP 301
https://www.live4d2u.com/index.html Page URL
https://www.live4d2u.com/index.html Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

141
Requests

99 %
HTTPS

73 %
IPv6

14
Domains

19
Subdomains

16
IPs

4
Countries

1948 kB
Transfer

4934 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.live4d2u.com/ HTTP 301
https://www.live4d2u.com/index.html Page URL
https://www.live4d2u.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.live4d2u.com/ HTTP 301
https://www.live4d2u.com/index.html

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
www.live4d2u.com/
Redirect Chain

http://www.live4d2u.com/
https://www.live4d2u.com/index.html

35 KB
6 KB

194ms
178ms

Document
text/html

2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c70746e1e78a5e062ca78e5adba8ffd617d21916a2157e39d6534524707997

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: www.live4d2u.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 22 Oct 2020 03:02:20 GMT
content-type: text/html
set-cookie: __cfduid=dbf66c255e6e0d6e5c4ed77330eba1dcf1603335740; expires=Sat, 21-Nov-20 03:02:20 GMT; path=/; domain=.live4d2u.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 22 Oct 2020 03:02:12 GMT
vary: Accept-Encoding
x-frame-options: DENY
cf-cache-status: DYNAMIC
cf-request-id: 05efdaf2fd00002b7db52a9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335740"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e5ffa97fc472b7d-FRA
content-encoding: br

Redirect headers

Date: Thu, 22 Oct 2020 03:02:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 22 Oct 2020 04:02:20 GMT
Location: https://www.live4d2u.com/index.html
cf-request-id: 05efdaf2d50000c2eaadb6a000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335740"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5e5ffa97bb95c2ea-FRA

GET
H2 200 jquery-ui.css
www.live4d2u.com/css/jqueryui/ 31 KB
7 KB 14ms
12ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/jqueryui/jquery-ui.css
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03e99f0aff5436a6c0e55736133a1d51caead38e13ae380114341e007b723ca

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 404976
cf-polished: origSize=36607
status: 200
cf-bgj: minify
cf-request-id: 05efdaf3b700002b7decb07000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335740"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffa992de42b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 bootstrap.css
www.live4d2u.com/css/ 118 KB
18 KB 202ms
200ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/bootstrap.css?766289
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee54303bff77d6245309b581cc3ae404c374a4cb95174695256ebc5ee00ccee

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=146128
status: 200
cf-bgj: minify
cf-request-id: 05efdaf3b700002b7dca039000000001
pragma: public
last-modified: Tue, 30 Jun 2020 00:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffa992de62b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 newlive.css
www.live4d2u.com/css/ 7 KB
2 KB 13ms
11ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/newlive.css?766289
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8b33f7e43d0a7962526faee765ca842e4569654344ad3c74c4126839b0bcc4

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397276
cf-polished: origSize=7599
status: 200
cf-bgj: minify
cf-request-id: 05efdaf3b700002b7de7852000000001
pragma: public
last-modified: Tue, 30 Jun 2020 00:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335740"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffa992de92b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 368ms
22ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55469
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:37:51 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 369ms
23ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 jqueryui.min.js Show response
www.live4d2u.com/js/ 163 KB
67 KB 25ms
24ms Script
application/javascript 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/js/jqueryui.min.js?20180709
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38dc9e694cbb2eed3cad8b4dcf58439086f58af420fe7cbf83db7550820577b

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397498
status: 200
cf-request-id: 05efdaf3b700002b7dfa377000000001
pragma: public
last-modified: Sat, 11 May 2019 04:38:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335740"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffa992dea2b7d-FRA
expires: Wed, 16 Dec 2020 03:21:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 41ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31910035-1

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cbac6aa05f4dbf84bb08c0f9f7237c43072b204f0b8cbfd7e357c1aa2d14e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37912
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 03:02:20 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432a90085c1b822d6902245dcefd172688ce505634cb370798d88e6c914dfa3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "670 / 435 of 1000 / last-modified: 1603318268"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17688
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:20 GMT

GET
H/1.1 200
OK a1449818.js Show response
js.genieessp.com/t/449/818/ 0
241 B 810ms
264ms Script
text/plain 61.213.187.169
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/449/818/a1449818.js
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.213.187.169 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 03:02:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H2 200 live4d2u.png
www.live4d2u.com/images/ 31 KB
31 KB 235ms
235ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/live4d2u.png?2
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3543e422b70c27b92cad0467ab812c07009c851cb96b5450e9c4df4abd18b47

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 31605
cf-request-id: 05efdaf5b000002b7dc2ba3000000001
pragma: public
last-modified: Tue, 30 Oct 2018 03:10:25 GMT
server: cloudflare
etag: "5bd7cba1-7b75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9c49952b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

230173be9fdfa067dfa6e59492e8d3e1f7a2461d7f9e8108d66d2fc9b9140936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45777
x-xss-protection: 0
server: cafe
etag: 6075935504648170439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H2 200 logo_magnum.gif
www.live4d2u.com/images/ 2 KB
2 KB 11ms
11ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_magnum.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c655a50bd0d775ce29cad2ccfe471421fce3a4069d729b0771a827d37cd80d06

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1888
cf-request-id: 05efdaf6bd00002b7dfab28000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9dfbff2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 logo_damacai.gif
www.live4d2u.com/images/ 2 KB
2 KB 12ms
12ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_damacai.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9736f159ea78dd1d61e8139b723521113cfdcffaf5ed37e4caa089309e90a3

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25998
status: 200
content-length: 1826
cf-request-id: 05efdaf6ca00002b7dfa3a0000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9e0c212b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 logo_toto.gif
www.live4d2u.com/images/ 2 KB
2 KB 10ms
10ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_toto.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e4f59cfd262f541623bed8ed5a907798a3ed1cb3b72a908b29e4a6f0496782

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1982
cf-request-id: 05efdaf6d700002b7dedb6e000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9e2c422b7d-FRA
expires: Sun, 06 Dec 2020 00:39:25 GMT

GET
H2 200 horse.png
www.live4d2u.com/images/zodiac/ 3 KB
3 KB 12ms
10ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/zodiac/horse.png
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71732bd06efe339d3418e68291430236dbbeecee97479cb3fa35ba857cea17a

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1727
status: 200
content-length: 2761
cf-request-id: 05efdaf6e300002b7dc2393000000001
pragma: public
last-modified: Sun, 01 Sep 2019 01:20:29 GMT
server: cloudflare
etag: "5d6b1cdd-ac9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9e3c602b7d-FRA
expires: Fri, 11 Dec 2020 14:03:28 GMT

GET
H2 200 loader.gif
www.live4d2u.com/images/ 6 KB
6 KB 11ms
10ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/loader.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1727
status: 200
content-length: 6242
cf-request-id: 05efdaf6e300002b7dab34d000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:25 GMT
server: cloudflare
etag: "5afd2db1-1862"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9e3c622b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 4d.js Show response
www.live4d2u.com/js/ 5 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/js/4d.js?20200503
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debfff9b0ec99dc9c126b6ebf0e4a7d802176dade0cf53dd509f3704fb930b69

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397186
cf-polished: origSize=6715
status: 200
cf-bgj: minify
cf-request-id: 05efdaf53700002b7dedb56000000001
pragma: public
last-modified: Sat, 02 May 2020 16:32:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffa9b88b22b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31910035-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6393
date: Thu, 22 Oct 2020 01:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 22 Oct 2020 03:15:48 GMT

GET
H2 200 pubads_impl_2020101501.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 83ms
30ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:42:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97658
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/ 230 KB
87 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fdc007044c914d7a971314dfce60c98ad5a39e70b468784a91a3bf182139f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88440
x-xss-protection: 0
server: cafe
etag: 18356357543767570859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
650 B 94ms
42ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.live4d2u.com&callback=_gfp_s_&client=ca-pub-3078197180359812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

f214ae49b4c30721724166004ba775521ebd31249928c519c5eb66bb464438f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 glyphicons-halflings-regular.woff2
www.live4d2u.com/fonts/ 18 KB
18 KB 10ms
10ms Font
application/octet-stream 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/css/bootstrap.css?766289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Origin: https://www.live4d2u.com
Referer: https://www.live4d2u.com/css/bootstrap.css?766289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1725
status: 200
content-length: 18028
cf-request-id: 05efdaf70300002b7d8d39e000000001
last-modified: Thu, 17 May 2018 07:22:39 GMT
server: cloudflare
etag: "5afd2dbf-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e5ffa9e6ca92b7d-FRA

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/ Frame 188B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201019/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 22 Oct 2020 00:59:58 GMT
expires: Thu, 05 Nov 2020 00:59:58 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 7343
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
428 B 38ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1649253469&t=pageview&_s=1&dl=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ul=en-us&de=UTF-8&dt=Live%204D2U%20Results%20-%20Keputusan%204D%20-%20Magnum%204D%2C%20Toto%2C%20DaMaCai%20Malaysia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2100661854&gjid=1873095137&cid=1914402067.1603335741&tid=UA-31910035-1&_gid=1051347006.1603335741&_r=1&gtm=2ou9u1&z=270171170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 03:02:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.live4d2u.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likebox.php
www.facebook.com/plugins/ Frame 3D65 0
0 137ms
124ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: 8RKYOlIJe9RrRy121ozwRKFPszpXcS2KTPaEwnhUQJAshhK3QB3tDRyxeisqi4r8WzBKykA3cYP7ZCh7paYgSg==
date: Thu, 22 Oct 2020 03:02:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 drop_arrow.png
www.live4d2u.com/images/ 167 B
441 B 11ms
10ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/drop_arrow.png
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/css/newlive.css?766289
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88a2a1b6776ca0f3a592c3b3b4df4751e234c81d0298bd89a524ce9d2007b66

Request headers

Referer: https://www.live4d2u.com/css/newlive.css?766289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1724
status: 200
content-length: 167
cf-request-id: 05efdaf75a00002b7deb387000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:27 GMT
server: cloudflare
etag: "5afd2db3-a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffa9efd622b7d-FRA
expires: Thu, 03 Dec 2020 18:44:23 GMT

GET
H2 200 genwestjson.html
www.live4d2u.com/ 24 KB
2 KB 207ms
206ms XHR
text/html 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/genwestjson.html?drawpastdate=&_=1603335740719

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.live4d2u.com/index.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Oct 2020 03:02:12 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335741"}],"group":"cf-nel","max_age":604800}
content-type: text/html
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e5ffa9f0d8e2b7d-FRA
cf-request-id: 05efdaf76900002b7dfa3aa000000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.live4d2u.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.live4d2u.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H2 200 container.html
aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 85B8 0
0 265ms
264ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741177&bpp=43&bdt=844&idt=157&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=473245103794&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jj2KfIQTo1&p=https%3A//www.live4d2u.com&dtd=172

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741177&bpp=43&bdt=844&idt=157&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=473245103794&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jj2KfIQTo1&p=https%3A//www.live4d2u.com&dtd=172
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:21 GMT
server: cafe
content-length: 21785
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Oct-2020 03:17:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Oct 2020 03:02:21 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27607
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2172 0
0 226ms
226ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741221&bpp=3&bdt=887&idt=137&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XoRt1ruzsi&p=https%3A//www.live4d2u.com&dtd=140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741221&bpp=3&bdt=887&idt=137&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=XoRt1ruzsi&p=https%3A//www.live4d2u.com&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:21 GMT
server: cafe
content-length: 20187
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Oct-2020 03:17:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Oct 2020 03:02:21 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame BFC0 0
0 164ms
163ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741238&bpp=3&bdt=904&idt=126&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iW8Zwzmq88&p=https%3A//www.live4d2u.com&dtd=128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741238&bpp=3&bdt=904&idt=126&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=iW8Zwzmq88&p=https%3A//www.live4d2u.com&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:21 GMT
server: cafe
content-length: 202
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Oct-2020 03:17:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Oct 2020 03:02:21 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A8AE 0
0 49ms
49ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741282&bpp=1&bdt=948&idt=91&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=96

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335741282&bpp=1&bdt=948&idt=91&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=473245103794&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066922%2C21067466%2C21067493&oid=3&pvsid=3329355287397725&pem=142&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:21 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 22-Oct-2020 03:17:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Oct 2020 03:02:21 GMT
cache-control: private

GET
H2 200 Primary Request index.html Show response
www.live4d2u.com/ 35 KB
5 KB 185ms
185ms Document
text/html 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/index.html

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c70746e1e78a5e062ca78e5adba8ffd617d21916a2157e39d6534524707997

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: www.live4d2u.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dbf66c255e6e0d6e5c4ed77330eba1dcf1603335740; _ga=GA1.2.1914402067.1603335741; _gid=GA1.2.1051347006.1603335741; _gat_gtag_UA_31910035_1=1; __gads=ID=efd8d08539bbdceb-22e968704fa600ac:T=1603335741:RT=1603335741:S=ALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg; reload129=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
date: Thu, 22 Oct 2020 03:02:21 GMT
content-type: text/html
last-modified: Thu, 22 Oct 2020 03:02:12 GMT
vary: Accept-Encoding
x-frame-options: DENY
cf-cache-status: DYNAMIC
cf-request-id: 05efdaf83b00002b7dc103e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5e5ffaa05f4a2b7d-FRA
content-encoding: br

GET
H2 200 logo_damacai.gif
www.live4d2u.com/images/ 2 KB
2 KB 14ms
14ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_damacai.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25998
status: 200
content-length: 1826
cf-request-id: 05efdaf83c00002b7dc2bc8000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa05f4c2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 logo_toto.gif
www.live4d2u.com/images/ 2 KB
2 KB 10ms
10ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_toto.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1982
cf-request-id: 05efdaf83e00002b7db52f2000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa06f4f2b7d-FRA
expires: Sun, 06 Dec 2020 00:39:25 GMT

GET
H2 200 horse.png
www.live4d2u.com/images/zodiac/ 3 KB
3 KB 11ms
11ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/zodiac/horse.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1727
status: 200
content-length: 2761
cf-request-id: 05efdaf83e00002b7d7cbc3000000001
pragma: public
last-modified: Sun, 01 Sep 2019 01:20:29 GMT
server: cloudflare
etag: "5d6b1cdd-ac9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa06f512b7d-FRA
expires: Fri, 11 Dec 2020 14:03:28 GMT

GET
H2 200 logo_magnum.gif
www.live4d2u.com/images/ 2 KB
2 KB 10ms
10ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_magnum.gif
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1888
cf-request-id: 05efdaf84000002b7dbe02c000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa06f542b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 jquery-ui.css
www.live4d2u.com/css/jqueryui/ 31 KB
7 KB 14ms
11ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/jqueryui/jquery-ui.css
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03e99f0aff5436a6c0e55736133a1d51caead38e13ae380114341e007b723ca

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 404977
cf-polished: origSize=36607
status: 200
cf-bgj: minify
cf-request-id: 05efdaf90800002b7dc6038000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffaa1a8eb2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 bootstrap.css
www.live4d2u.com/css/ 118 KB
18 KB 18ms
15ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/bootstrap.css?766289
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fee54303bff77d6245309b581cc3ae404c374a4cb95174695256ebc5ee00ccee

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: origSize=146128
status: 200
cf-bgj: minify
cf-request-id: 05efdaf90a00002b7dfa3c0000000001
pragma: public
last-modified: Tue, 30 Jun 2020 00:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffaa1a8ec2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 newlive.css
www.live4d2u.com/css/ 7 KB
1 KB 15ms
12ms Stylesheet
text/css 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/css/newlive.css?766289
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8b33f7e43d0a7962526faee765ca842e4569654344ad3c74c4126839b0bcc4

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397277
cf-polished: origSize=7599
status: 200
cf-bgj: minify
cf-request-id: 05efdaf90800002b7dbe037000000001
pragma: public
last-modified: Tue, 30 Jun 2020 00:26:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffaa1a8ed2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
21ms Stylesheet
text/css 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55470
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:37:51 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 25ms
23ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 jqueryui.min.js Show response
www.live4d2u.com/js/ 163 KB
67 KB 22ms
20ms Script
application/javascript 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/js/jqueryui.min.js?20180709
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38dc9e694cbb2eed3cad8b4dcf58439086f58af420fe7cbf83db7550820577b

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397499
status: 200
cf-request-id: 05efdaf90900002b7dd838f000000001
pragma: public
last-modified: Sat, 11 May 2019 04:38:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffaa1a8f42b7d-FRA
expires: Wed, 16 Dec 2020 03:21:03 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
38 KB 40ms
27ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31910035-1

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1f64763782f51c32f1b9587ca8adfcf4368164b8786c29f825afbae89435492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37961
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
17 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b727f095e7138f5dba48105d0296d15fd18774da79aee8e26db50c5bb9fc8144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "670 / 219 of 1000 / last-modified: 1603318332"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17666
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H/1.1 200
OK a1449818.js Show response
js.genieessp.com/t/449/818/ 0
241 B 265ms
264ms Script
text/plain 61.213.187.169
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/449/818/a1449818.js
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.213.187.169 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 22 Oct 2020 03:02:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H2 200 live4d2u.png
www.live4d2u.com/images/ 31 KB
31 KB 212ms
212ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/live4d2u.png?2
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3543e422b70c27b92cad0467ab812c07009c851cb96b5450e9c4df4abd18b47

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
content-length: 31605
cf-request-id: 05efdaf98d00002b7ded370000000001
pragma: public
last-modified: Tue, 30 Oct 2018 03:10:25 GMT
server: cloudflare
etag: "5bd7cba1-7b75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa27a142b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

230173be9fdfa067dfa6e59492e8d3e1f7a2461d7f9e8108d66d2fc9b9140936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45777
x-xss-protection: 0
server: cafe
etag: 6075935504648170439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H2 200 logo_magnum.gif
www.live4d2u.com/images/ 2 KB
2 KB 13ms
10ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_magnum.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c655a50bd0d775ce29cad2ccfe471421fce3a4069d729b0771a827d37cd80d06

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1888
cf-request-id: 05efdafa1400002b7dc4348000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-760"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa35b1d2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 logo_damacai.gif
www.live4d2u.com/images/ 2 KB
2 KB 13ms
11ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_damacai.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9736f159ea78dd1d61e8139b723521113cfdcffaf5ed37e4caa089309e90a3

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 25998
status: 200
content-length: 1826
cf-request-id: 05efdafa1500002b7dfab58000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa35b1e2b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 logo_toto.gif
www.live4d2u.com/images/ 2 KB
2 KB 15ms
13ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/logo_toto.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e4f59cfd262f541623bed8ed5a907798a3ed1cb3b72a908b29e4a6f0496782

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1728
status: 200
content-length: 1982
cf-request-id: 05efdafa1500002b7dc4bea000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:30 GMT
server: cloudflare
etag: "5afd2db6-7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa35b1f2b7d-FRA
expires: Sun, 06 Dec 2020 00:39:25 GMT

GET
H2 200 horse.png
www.live4d2u.com/images/zodiac/ 3 KB
3 KB 13ms
10ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/zodiac/horse.png
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71732bd06efe339d3418e68291430236dbbeecee97479cb3fa35ba857cea17a

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1727
status: 200
content-length: 2761
cf-request-id: 05efdafa1500002b7ddabcf000000001
pragma: public
last-modified: Sun, 01 Sep 2019 01:20:29 GMT
server: cloudflare
etag: "5d6b1cdd-ac9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa35b222b7d-FRA
expires: Fri, 11 Dec 2020 14:03:28 GMT

GET
H2 200 loader.gif
www.live4d2u.com/images/ 6 KB
6 KB 14ms
12ms Image
image/gif 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/loader.gif
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1727
status: 200
content-length: 6242
cf-request-id: 05efdafa1500002b7decb66000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:25 GMT
server: cloudflare
etag: "5afd2db1-1862"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa35b242b7d-FRA
expires: Thu, 03 Dec 2020 18:44:24 GMT

GET
H2 200 4d.js Show response
www.live4d2u.com/js/ 5 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.live4d2u.com/js/4d.js?20200503
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debfff9b0ec99dc9c126b6ebf0e4a7d802176dade0cf53dd509f3704fb930b69

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 397187
cf-polished: origSize=6715
status: 200
cf-bgj: minify
cf-request-id: 05efdaf92a00002b7ddbbc6000000001
pragma: public
last-modified: Sat, 02 May 2020 16:32:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
cf-ray: 5e5ffaa1d9332b7d-FRA
expires: Thu, 03 Dec 2020 18:44:20 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31910035-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6393
date: Thu, 22 Oct 2020 01:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 22 Oct 2020 03:15:48 GMT

GET
H3-Q050 200 pubads_impl_2020102001.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
96 KB 32ms
31ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 08:43:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98311
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:21 GMT

GET
H2 200 likebox.php
www.facebook.com/plugins/ Frame E54A 0
0 46ms
44ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https://www.facebook.com/live4d2u&colorscheme=light&show_faces=true&stream=false&header=false&height=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: SLlZ8/XFvIRLqyPNpVtQR4B21IkIPMdvC9IR7iL0flaFnRl4L+51Frm6aqeK1xIxDACAMqloF8/AU7OcYT5j2A==
date: Thu, 22 Oct 2020 03:02:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 drop_arrow.png
www.live4d2u.com/images/ 167 B
340 B 10ms
10ms Image
image/png 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.live4d2u.com/images/drop_arrow.png
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/css/newlive.css?766289
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d88a2a1b6776ca0f3a592c3b3b4df4751e234c81d0298bd89a524ce9d2007b66

Request headers

Referer: https://www.live4d2u.com/css/newlive.css?766289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1724
status: 200
content-length: 167
cf-request-id: 05efdafa2300002b7dbeb9a000000001
pragma: public
last-modified: Thu, 17 May 2018 07:22:27 GMT
server: cloudflare
etag: "5afd2db3-a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=5184000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5e5ffaa36b362b7d-FRA
expires: Thu, 03 Dec 2020 18:44:23 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.live4d2u.com/fonts/ 18 KB
18 KB 14ms
14ms Font
application/octet-stream 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/css/bootstrap.css?766289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Origin: https://www.live4d2u.com
Referer: https://www.live4d2u.com/css/bootstrap.css?766289
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1725
status: 200
content-length: 18028
cf-request-id: 05efdafa2400002b7dc2bdf000000001
last-modified: Thu, 17 May 2018 07:22:39 GMT
server: cloudflare
etag: "5afd2dbf-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e5ffaa36b372b7d-FRA

GET
H2 200 genwestjson.html Show response
www.live4d2u.com/ 24 KB
3 KB 179ms
179ms XHR
text/html 2606:4700:3037::ac43:d651
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.live4d2u.com/genwestjson.html?drawpastdate=&_=1603335741737

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d651 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc945e2acf1f1c52759e74cdf111c1dd7f6495688abeb1d7d4b1f84016f1a6bb

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.live4d2u.com/index.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Oct 2020 03:02:12 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603335742"}],"group":"cf-nel","max_age":604800}
content-type: text/html
status: 200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5e5ffaa37b472b7d-FRA
cf-request-id: 05efdafa2c00002b7dd839e000000001

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=848249571&t=pageview&_s=1&dl=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ul=en-us&de=UTF-8&dt=Live%204D2U%20Results%20-%20Keputusan%204D%20-%20Magnum%204D%2C%20Toto%2C%20DaMaCai%20Malaysia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAUAB~&jid=&gjid=&cid=1914402067.1603335741&tid=UA-31910035-1&_gid=1051347006.1603335741&gtm=2ouae1&z=1485643825

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Oct 2020 13:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49540
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/ 230 KB
87 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fdc007044c914d7a971314dfce60c98ad5a39e70b468784a91a3bf182139f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88440
x-xss-protection: 0
server: cafe
etag: 18356357543767570859
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Oct 2020 03:02:22 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
466 B 79ms
48ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.live4d2u.com&callback=_gfp_s_&client=ca-pub-3078197180359812&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/ Frame 2517 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201019/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201019/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 22 Oct 2020 00:59:58 GMT
expires: Thu, 05 Nov 2020 00:59:58 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 7344
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
868 B 36ms
20ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.live4d2u.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
868 B 38ms
22ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.live4d2u.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 209 KB
21 KB 423ms
422ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1183497879591482&correlator=4077279926367592&output=ldjh&impl=fifs&eid=21067119%2C21068065%2C21068090%2C21065517%2C21067753&vrg=2020102001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201022&iu_parts=424536528%2C1404340_live4d2u_320x50_overlay_AdX%2C17294_live4d2u.com_300x250_responsive%2C17297_live4d2u.com_300x250_responsive_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C320x50%2C320x50%7C300x250%7C336x280%2C320x50%7C300x250%7C336x280&fluid=height%2Cheight%2Cheight&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&bc=31&abxe=1&lmt=1603335732&dt=1603335742083&dlt=1603335741692&idt=376&frm=20&biw=1600&bih=1200&oid=3&adxs=640%2C716%2C339&adys=1200%2C895%2C2771&adks=1447921086%2C929365401%2C825179080&ucis=1%7C2%7C3&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&dssz=27&icsg=540158635&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x-1%7C357x250%7C357x250&msz=320x-1%7C357x250%7C357x250&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&fws=512%2C4%2C4&ohw=0%2C357%2C357&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

d03f19cdd82fad588092cf36fcd123dad0dbd645d080511058e564b9a3552a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21601
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.live4d2u.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
14ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 8ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5CF5 0
0 296ms
295ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742037&bpp=6&bdt=345&idt=73&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=5597541039446&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lxiBDEY5pR&p=https%3A//www.live4d2u.com&dtd=80

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6697434474&adk=717861913&adf=1426969186&pi=t.ma~as.6697434474&w=735&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=735x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742037&bpp=6&bdt=345&idt=73&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&correlator=5597541039446&frm=20&pv=2&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=540158635&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=lxiBDEY5pR&p=https%3A//www.live4d2u.com&dtd=80
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:22 GMT
server: cafe
content-length: 24222
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27607
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:22 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame DC39 0
0 248ms
247ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742043&bpp=4&bdt=351&idt=79&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NnMgl73y7U&p=https%3A//www.live4d2u.com&dtd=82

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=3933467463&adk=1857232823&adf=3430766976&pi=t.ma~as.3933467463&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742043&bpp=4&bdt=351&idt=79&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=895&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NnMgl73y7U&p=https%3A//www.live4d2u.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:22 GMT
server: cafe
content-length: 23859
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame BF56 0
0 225ms
225ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742047&bpp=2&bdt=355&idt=81&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5z2Yu7WzGD&p=https%3A//www.live4d2u.com&dtd=83

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&h=280&slotname=6368059110&adk=2263337472&adf=842969698&pi=t.ma~as.6368059110&w=358&fwrn=4&fwrnh=100&lmt=1603335732&rafmt=1&psa=1&guci=1.2.0.0.2.2.0.0&format=358x280&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742047&bpp=2&bdt=355&idt=81&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=1739&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=5z2Yu7WzGD&p=https%3A//www.live4d2u.com&dtd=83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:22 GMT
server: cafe
content-length: 27136
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E9D5 0
0 48ms
48ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742049&bpp=1&bdt=356&idt=84&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3078197180359812&output=html&adk=1812271804&adf=3025194257&lmt=1603335732&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603335742049&bpp=1&bdt=356&idt=84&shv=r20201019&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Defd8d08539bbdceb-22e968704fa600ac%3AT%3D1603335741%3ART%3D1603335741%3AS%3DALNI_MbWBiepe_y316YvIMPiHqxVqzHfyg&prev_fmts=735x280%2C358x280%2C358x280&nras=1&correlator=5597541039446&frm=20&pv=1&ga_vid=1914402067.1603335741&ga_sid=1603335742&ga_hid=848249571&ga_fc=0&iag=0&icsg=9130093227&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1183497879591482&pem=142&ref=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 22 Oct 2020 03:02:22 GMT
server: cafe
content-length: 34
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010122315000/ Frame 1645 205 KB
56 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57150
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9715d5719dcfdbf4"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 1645 14 KB
5 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "279840de0e1327fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 1645 96 KB
29 KB 44ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59723
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29488
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3d99b3326035eca3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:59 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 1645 4 KB
2 KB 43ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59731
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb28063f0b321e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 1645 45 KB
15 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59732
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b78f479991288ae5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:50 GMT

GET
DATA 200
OK truncated
/ Frame 1645 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e8e297496605cf8cd209ccff38a9628886cb5f51d22d147a5f2cb758e9fd454

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5411345749865326372
tpc.googlesyndication.com/daca_images/simgad/ Frame 1645 21 KB
21 KB 20ms
19ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5411345749865326372

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

201ba8eba869428559e189d302709a58cfaf831f40afc6fc9b51a0fc63c0d545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:01:39 GMT
x-content-type-options: nosniff
age: 86443
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Sun, 23 Sep 2018 06:09:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 03:01:39 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1645 2 KB
3 KB 18ms
18ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57204
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1645 295 B
388 B 20ms
17ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1645 0
0 118ms
115ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd6fKPvaQX_79CJKQgQeCu4-IBIP8lrJdsO6Mm9EJ8Lja7_sOEAEg6qekV2CRhJOF_BegAcvi4oQDyAEC4AIAqAMByAMIqgTxAU_QCvIWx4g9Sktv668tSoEplVK6Gvy0fFOuWW7UvFHiX38Kuv1_OFJIuVm3XsMu9vMnwitSMPyLyOxaMB0u441vHxH8PFZ81l2ny6lywjkXV72fLLMxUMPCYpmlVuJBnthjKdIeeKAWZ5QEP9rjFWn1vfHinVPBaMPTbd-cil3IvpKHgdSeX6exVgoVi7sjCndcKLRCbuz-phLVce2_Qz4pPolvbtnqnErsdppQuGmyymvzUkgMk59cRNHJ2L_llTr2aWHz_neQnz9G9UbY8R7hGVLqC7C7nrebKUwvOK7IwZjKUWdL55PcJMIy-Jw4307ABPDfztaSAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAednZ17qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJfyAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzI0MTIwNzA4ODc4ODA1OYAKA8gLAbIMFHB1Yi03OTQ1MDQ0ODYzODc0Nzg3wgwCCAHYEww&sigh=yk9uMiM-Ykw&tpd=AGWhJmscOtU4-6bNYNVAnHoXmu8UfgLSr1oHKWQrdvGUnW0FsQ
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010122315000/ Frame BD28 205 KB
56 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57150
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9715d5719dcfdbf4"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame BD28 14 KB
5 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "279840de0e1327fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame BD28 96 KB
29 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59723
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29488
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3d99b3326035eca3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:59 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame BD28 76 KB
18 KB 109ms
107ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7a650bd47fb51257a5212eb8911ccaab4b24885827b5bbcf0dcdf687c51964

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 208470
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18087
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3c7f698b6635062d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:52 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame BD28 4 KB
2 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59731
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb28063f0b321e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame BD28 45 KB
14 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59732
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b78f479991288ae5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:50 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD28 2 KB
2 KB 8ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57204
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD28 295 B
319 B 93ms
91ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
DATA 200
OK truncated
/ Frame BD28 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30c1e3255bdef723c9260002ead329c89b07dd688cf886a84138967a09ea149

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 58 KB
58 KB 90ms
88ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/bg.jpg

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8b7764d21b36f981856e4c06f2d3cb916786f16995619685629c854141a813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 01:09:09 GMT
x-content-type-options: nosniff
age: 179593
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59145
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 01:09:09 GMT

GET
H3-Q050 200 letop.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 3 KB
3 KB 91ms
89ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/letop.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089cda4055d4665fc56c0754e83831c9e34736b1480c9aa609bc904fb14b0c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 22:16:00 GMT
x-content-type-options: nosniff
age: 17182
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3033
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 22:16:00 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 119 KB
119 KB 92ms
89ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/logo.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb29177f26aa11a104496349a2109b0dbdd1bcb1c31f3dcc80087ef6fb2461a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 22:27:29 GMT
x-content-type-options: nosniff
age: 448493
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121617
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 22:27:29 GMT

GET
H3-Q050 200 frame1-speechballoon.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 7 KB
7 KB 92ms
90ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/frame1-speechballoon.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcde6e7b621b789ceef1b4ba07e6cffed3c70ee428f6a71b805aad95a02fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 22:34:50 GMT
x-content-type-options: nosniff
age: 188852
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6967
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 22:34:50 GMT

GET
H3-Q050 200 frame3-title.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 10 KB
10 KB 94ms
92ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/frame3-title.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a12450ff8ace362a899044741ac66daf29c89ef3fec5157c57ab4f7d13d8f026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 22:34:50 GMT
x-content-type-options: nosniff
age: 188852
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 22:34:50 GMT

GET
H3-Q050 200 checkmark.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 400 B
479 B 95ms
93ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/checkmark.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e5d5508e120f41a9fb7a87dac8fc5911980c342f4df103fae87fae48d8a6086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 07:35:40 GMT
x-content-type-options: nosniff
age: 70002
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 07:35:40 GMT

GET
H3-Q050 200 button.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame BD28 3 KB
3 KB 95ms
93ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/button.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0def69edd34e729ffe93e1e0b09ee3e4766ccd3b7de2e0ea4176348ee741e1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 22:16:00 GMT
x-content-type-options: nosniff
age: 17182
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2604
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 22:16:00 GMT

GET
H3-Q050 200 A.gif
tpc.googlesyndication.com/sadbundle/18180929292253128788/_genassets/ Frame BD28 42 B
131 B 100ms
99ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/_genassets/A.gif

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 02:14:13 GMT
x-content-type-options: nosniff
age: 89289
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 02:14:13 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010122315000/ Frame 7233 205 KB
56 KB 103ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57150
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9715d5719dcfdbf4"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 7233 14 KB
6 KB 100ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59712
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5340
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "279840de0e1327fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:27:10 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 7233 96 KB
29 KB 105ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59723
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29488
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3d99b3326035eca3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:59 GMT

GET
H3-Q050 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 7233 76 KB
18 KB 104ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7a650bd47fb51257a5212eb8911ccaab4b24885827b5bbcf0dcdf687c51964

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 208470
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18087
x-xss-protection: 0
server: sffe
date: Mon, 19 Oct 2020 17:07:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3c7f698b6635062d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 17:07:52 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 7233 4 KB
2 KB 104ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59731
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bb28063f0b321e21"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:51 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010122315000/v0/ Frame 7233 45 KB
14 KB 105ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010122315000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 59732
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14159
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 10:26:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b78f479991288ae5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 10:26:50 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7233 2 KB
3 KB 100ms
23ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57204
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7233 295 B
319 B 100ms
22ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102001.js?21068090

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
DATA 200
OK truncated
/ Frame 7233 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85964e27b661dd56b74ba3bc1fb1c3e8393ec15716f56d78671701a36837aa14

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 bg.jpg
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 58 KB
58 KB 96ms
19ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/bg.jpg

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8b7764d21b36f981856e4c06f2d3cb916786f16995619685629c854141a813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 01:09:09 GMT
x-content-type-options: nosniff
age: 179593
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59145
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 01:09:09 GMT

GET
H3-Q050 200 letop.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 3 KB
3 KB 104ms
27ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/letop.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089cda4055d4665fc56c0754e83831c9e34736b1480c9aa609bc904fb14b0c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 22:16:00 GMT
x-content-type-options: nosniff
age: 17182
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3033
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 22:16:00 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 119 KB
119 KB 105ms
28ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/logo.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb29177f26aa11a104496349a2109b0dbdd1bcb1c31f3dcc80087ef6fb2461a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 16 Oct 2020 22:27:29 GMT
x-content-type-options: nosniff
age: 448493
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121617
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Oct 2021 22:27:29 GMT

GET
H3-Q050 200 frame1-speechballoon.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 7 KB
7 KB 108ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/frame1-speechballoon.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4fcde6e7b621b789ceef1b4ba07e6cffed3c70ee428f6a71b805aad95a02fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 22:34:50 GMT
x-content-type-options: nosniff
age: 188852
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6967
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 22:34:50 GMT

GET
H3-Q050 200 frame3-title.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 10 KB
10 KB 109ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/frame3-title.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a12450ff8ace362a899044741ac66daf29c89ef3fec5157c57ab4f7d13d8f026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 22:34:50 GMT
x-content-type-options: nosniff
age: 188852
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9728
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 22:34:50 GMT

GET
H3-Q050 200 checkmark.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 400 B
425 B 112ms
33ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/checkmark.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e5d5508e120f41a9fb7a87dac8fc5911980c342f4df103fae87fae48d8a6086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 07:35:40 GMT
x-content-type-options: nosniff
age: 70002
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 07:35:40 GMT

GET
H3-Q050 200 button.png
tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/ Frame 7233 3 KB
3 KB 112ms
31ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/NEF_Banners_Warmtefonds_336x280_doe_de_leencheck_kopie/img/button.png

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0def69edd34e729ffe93e1e0b09ee3e4766ccd3b7de2e0ea4176348ee741e1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 22:16:00 GMT
x-content-type-options: nosniff
age: 17182
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2604
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 22:16:00 GMT

GET
H3-Q050 200 A.gif
tpc.googlesyndication.com/sadbundle/18180929292253128788/_genassets/ Frame 7233 42 B
67 B 112ms
31ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/18180929292253128788/_genassets/A.gif

Requested by

Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 02:14:13 GMT
x-content-type-options: nosniff
age: 89289
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 11:20:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 02:14:13 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame BD28 0
0 173ms
54ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGHMiXPwRiJcAYyvNi_h6aQmwNcumi_rUNhrkp7rpY1gRnG9ai6fYWy_Fp3-6uKbkY3BoN1k_EGZvo0LgMBESJxp8R-g
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BD28 0
0 216ms
46ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGj5tPvaQX__9CJKQgQeCu4-IBIri3NVfu_Dj45gM2tkeEAEg6qekV2CRhJOF_BegAentm88DyAEJqQJ_BNw39OWzPuACAKgDAcgDCKoE9wFP0Av2Dc6eDvg1YD67D2zR1MD31NSZTASeJkhB4KwnIgx1_gunSymuFd118q-eUNia5Spu6b1bqUeXd6IjAQiM412v0VRVCHIYoMK4PNQvII6lkTQGuoisFB56TwYris6_i-2QOL0pzF1D6DhZY3PwXhpQv5WGiiTXf6l2vW_YunOVBU_rEnCVhKH4QJGp7Zer8m96-Sd5D1uludglrpXnJYHMh-GC0XfPq6XfCP3-e_FeApI6tei85Px6r1sItduF5Ex3ZHWCCLAV4rcif0B50QSs2cZsfRGeP0vVkZgWM2XO63Dw24ugA3FK_c9k9WCT9s_pVjFpwASHg8vCjAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_5HkMKgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBD6xA_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcyNDEyMDcwODg3ODgwNTmACgPICwGyDBRwdWItNzk0NTA0NDg2Mzg3NDc4N8IMAggB2BMN&sigh=eW3cyfNQ2yw&template_id=419&tpd=AGWhJmsHJ314ERj9RGjgph2AnkBeaORcTeayzulsDVTT_H-XZg
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 7233 0
0 183ms
13ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaST53Pd4nHssujt-SW04UWr9QufhwXzGDXIuOR_Yad64VWZmeKP4IEDs99yZ11n1c4K-GjHqopt_AO2cWqdjYh5udCUXw
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7233 0
0 214ms
45ms Image
text/html 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXuf5PvaQX4D-CJKQgQeCu4-IBIri3NVfu_Dj45gM2tkeEAEg6qekV2CRhJOF_BegAentm88DyAEJqQJ_BNw39OWzPuACAKgDAcgDCKoE9wFP0EfiCV8g5-Th_eWgXVsssKjrMtwQkw9TwXOgtNsu6Z8v7fqX5WtEU5sa2-CEkn8ZREmRQOIZVu4BgwH7hzwGFxdx8rrDil6R6KEr2Wk1X5Ec7rYxWyF0jxYIzvzwtp5zzPrBpGV1ZvQ1KlKhPn3ScV-fvpdXEFBlalluFABqsN-qNckmbeGY9W5JdVpzGn2ChUrei7uCzK15UPQBdA9yCHf6vhwdwD9NiIvo9L5uaUeqz15Z2R1IGGArYRlUl5DcWWsCI4YFWP73fO5Jhv5QdgpnNIgqiUXTfGaYBnXXA7aXHu2-w-CXB7HUSrN-UWKP0hhs_gdUwASHg8vCjAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_5HkMKgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBC5vQnSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTcyNDEyMDcwODg3ODgwNTmACgPICwGyDBRwdWItNzk0NTA0NDg2Mzg3NDc4N8IMAggB2BMN&sigh=LAUlkYRbVEc&template_id=419&tpd=AGWhJmt704N87YWDc6DEOsqdGgcXasayOpz4OLprGisbcQ88vQ
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1645
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.live4d2u.com
URL: https://www.live4d2u.com/index.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 22 Oct 2020 03:02:22 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 42ms
28ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201019&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9f8060a9fee8aa07afd0e928160530958bdf911d7be5408bebe480b1e75b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6410
x-xss-protection: 0

GET
H3-Q050 200 5411345749865326372
tpc.googlesyndication.com/daca_images/simgad/ Frame 1645 21 KB
21 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5411345749865326372

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

201ba8eba869428559e189d302709a58cfaf831f40afc6fc9b51a0fc63c0d545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:01:39 GMT
x-content-type-options: nosniff
age: 86443
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21362
x-xss-protection: 0
last-modified: Sun, 23 Sep 2018 06:09:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 03:01:39 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1645 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57204
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1645 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD28 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57204
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BD28 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7233 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 57205
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 22 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7233 295 B
324 B 6ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 16222
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 22 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201019/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 03:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Thu, 22 Oct 2020 03:02:23 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame E2B9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.live4d2u.com/index.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.live4d2u.com/index.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-length: 12318
date: Thu, 22 Oct 2020 01:47:55 GMT
expires: Fri, 22 Oct 2021 01:47:55 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4468
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
142 B 29ms
28ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201019&jk=1183497879591482&bg=!zc6lzu7NAAUZK2QAGVhk_nLUjtYlgAIAAABbUgAAABEKAgrLUeJF6Nm-AI7lZDEFfUjUJONrynt9H8uAZm6-abx434cH5JoyZn90-wOktOZ6W8JvbLE8B4IWJ_hWgc5ZCzhYqvsbXL7uEeF1ke7DedOI-Pr9afkIEQU3aE-4yURqh2wTsDzz-MgcYURU0LRzZPCUX8F1YZAvVcfTld1ZCg4Orkc_0ctJoPusZGDgO7h-t02sgUgc2cpXNMNZVx71m5t7wt_taitXoSGsBDcm9oxKoIKaC-RvBj8MwS1GXlXXNZ0w8TpOBaMx_AUOv_RaEkZOzQ8mCCsSRhuKKQQuLaHtKYIaoLdRojnvEmAgx64mYiTmGCaE91INqgCZYY_A-6BnUopVywtbZdweuHAMxy1T2zN_fpjxVBxVngmCwM38iGKhYLsOsPqqFZHB3ZtB897pPbjatBMmxHVMha1ABJZr5D4sRiDiw3nXUvk4fA9Oyhb2LVNGefL898fdjdjHQTzpBXaJ9zX58BOODgoC2a4ivB2we4OzVaq2f0ieDPLWpnHdv9aimSuF41V67WajOZHdnuOOkcYP8thDXeZJZ_03CqmvdbYvPuvKyIIMBYFFxq0OukIL59med4ElGZT5z6rq5ftWBbsASByfQK5y_kXUCh0bmjDKa981RQZbZLCDEp2K7AJ6z8d6adnADQx09SojugN9ROvWgmYxO9Wx_ZCiIoY96SMJWYoY_HOZAama9glgINe_R1Shd5sF6NjZ34zQkuv3HfTiJQvoMQGGf-iLUuaCqK7up5Y8giXspQBE2eaYpxWAbu7LTFzBpoxcG9aQqegveBFQtPoLLEG9LGhTe94DGb5-d1od57CMwWiFYlWXr-1-HQ2wjiSOTlTBHtqu8whUOaEzSq24BscCA9uwDeRlIIqA-AZGck7050jERce2t8wJ1kA7aEQn0_1Ck1T7xhBkz-q7Jp5wkizRuAv8Qfdx326hGXp3sCvZ_TjAP4C2YG8DGk6NiQjt5yDb6UaSxk1yXyPe3MbGzqhCICrgHIaKrMmglPJcHb7TU4g1MiVnHbOrrcKmoYtgr3ck2BuybL5FA23rylzfQDiFqCb1GtKzrY2Pa3dFqaiFetk-Xgc4196tL8NGxLpWKYbeVDgC8qWsOFhXg2vNT0DT--tSz9w883rHFIdKnvY4Dgk5yGftMN0ZRQTbwn-Mug6Mac0b812Z8w5s7GIrjclOS-OfYXp2ajS5X0idXEkBNUucUdRDKuejeYcZiaRGZlQwiLRXkndRVxNbHldKSnPhLQzplWT3E55zxw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 03:02:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1645 42 B
65 B 46ms
46ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssO6B2FblffFP1sQj6DU47JlaOOHMHkk4Xk_dAB6nPYQlHQM_A-Gv8gYIe3RbkbNx1okRQCXx2I9X91zziFB1zeeUM1R5wvbQS_zAomOceqjvieKrJVR2SFfr7Tjzx9Xj94wHna6U1ktjavRVuFikDwsA&sai=AMfl-YTCTcBaTdws-XExI1GTPFUjIWE5wkDYRz3ZIVxUg8BHeV2wo-ZfwHm5NqziahM4t3lwTbmpgmG_46U9romY7CHmZwlefraeSjcDS1PBJz0d3va8JjiDeX0vEdMK&sig=Cg0ArKJSzC32YT88X4C3EAE&cid=CAASF-Ro07cwQIu6cve8f_ZOVXJuNVslMu-D&id=ampim&o=640,1150&d=320,50&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=314&tls=1315&g=100&h=100&tt=1315&r=v&avms=ampa&adk=1447921086

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 03:02:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BD28 42 B
93 B 41ms
41ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2vClAMX877fJZpkw7ocMQ-KxRBh8MXfyFvLOyMroGscxgVHMjGx9vbO6E3NmicN1EzIRKGpjUWk3UBIsOlP30kAmvz5fdJUzmTW3MuYxE_EruBH6GTDD6116yNw&sai=AMfl-YRxSmm4lISnBNOgsjnDKXDRzoFfIv8RcxDd3URlIq2bhBJTlXkqdMT8LgltN_ireldgNqOYWzVZkOWSD5Xf0qTd7_CfPP53gVASqYEmPMvPNGN2q1mV810IpvTS&sig=Cg0ArKJSzN1juo3p2qjiEAE&cid=CAASF-RomVrBHwbb-dfSYn_SN89aEBOokgfz&id=ampim&o=698,895&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=241&tls=1243&g=100&h=100&tt=1243&r=v&avms=ampa&adk=929365401

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.live4d2u.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 03:02:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3329355287397725&correlator=274000335928066&output=ldjh&impl=fifs&eid=21067119%2C21067994%2C21068065%2C21067753&vrg=2020101501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201022&iu_parts=424536528%2C1404340_live4d2u_320x50_overlay_AdX%2C17294_live4d2u.com_300x250_responsive%2C17297_live4d2u.com_300x250_responsive_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C320x50%2C320x50%7C300x250%7C336x280%2C320x50%7C300x250%7C336x280&fluid=height%2Cheight%2Cheight&cookie_enabled=1&bc=31&abxe=1&lmt=1603335732&dt=1603335741309&dlt=1603335740334&idt=958&frm=20&biw=1600&bih=1200&oid=3&adxs=640%2C716%2C339&adys=1200%2C895%2C2771&adks=1447921086%2C929365401%2C825179080&ucis=1%7C2%7C3&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.live4d2u.com%2Findex.html&dssz=27&icsg=540158635&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x-1%7C357x250%7C357x250&msz=320x-1%7C357x250%7C357x250&ga_vid=1914402067.1603335741&ga_sid=1603335741&ga_hid=1649253469&fws=512%2C4%2C4&ohw=0%2C357%2C357&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:43:51	Name: IDE Value: AHWqTUmsjY88_HsCjQWfK42dzvEWvjJ_7lUOaBE64mJB63akPjgGUlc-7BV-6qeu
.live4d2u.com/	1970-01-19 22:43:51	Name: __gads Value: ID=efd8d08539bbdceb:T=1603335741:S=ALNI_MZ9zhVtIc3vDSIf-EycjC5qxAHUTA
.live4d2u.com/	1970-01-20 06:53:27	Name: _ga Value: GA1.2.1914402067.1603335741
www.live4d2u.com/	1970-01-19 14:05:27	Name: reload129 Value: 1
.live4d2u.com/	1970-01-19 13:23:42	Name: _gid Value: GA1.2.1051347006.1603335741
.live4d2u.com/	1970-01-19 13:22:15	Name: _gat_gtag_UA_31910035_1 Value: 1
.doubleclick.net/	1970-01-19 13:22:19	Name: DSID Value: NO_DATA
.live4d2u.com/	1970-01-19 14:05:27	Name: __cfduid Value: dbf66c255e6e0d6e5c4ed77330eba1dcf1603335740

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js(Line 417) Message: Powered by AMP ⚡ HTML – Version 2010122315000 https://www.live4d2u.com/index.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js(Line 417) Message: Powered by AMP ⚡ HTML – Version 2010122315000 https://www.live4d2u.com/index.html
console-api	info	URL: https://cdn.ampproject.org/rtv/012010122315000/amp4ads-v0.js(Line 417) Message: Powered by AMP ⚡ HTML – Version 2010122315000 https://www.live4d2u.com/index.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3005d8b122d9d3f10424c4f5829095cd.safeframe.googlesyndication.com
aad75d8d40b9610195bc2343364a3463.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
googleads.g.doubleclick.net
js.genieessp.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.live4d2u.com
securepubads.g.doubleclick.net
172.217.23.162
209.197.3.15
216.58.208.34
2606:4700:3037::ac43:d651
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2001
2a00:1450:4001:806::2008
2a00:1450:4001:818::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2002
2a00:1450:4001:824::200e
2a03:2880:f11c:8183:face:b00c:0:25de
61.213.187.169
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
089cda4055d4665fc56c0754e83831c9e34736b1480c9aa609bc904fb14b0c9b
0def69edd34e729ffe93e1e0b09ee3e4766ccd3b7de2e0ea4176348ee741e1f7
13bc9de1964c9e5ec81697e1356a175650b248958046da884eab5e1150904e1d
1dc50cc05720d5979cb53e0a0bc27febc3d7dffba34cc8982d0fa52bbdfa0173
201ba8eba869428559e189d302709a58cfaf831f40afc6fc9b51a0fc63c0d545
21e4f59cfd262f541623bed8ed5a907798a3ed1cb3b72a908b29e4a6f0496782
230173be9fdfa067dfa6e59492e8d3e1f7a2461d7f9e8108d66d2fc9b9140936
2f7a650bd47fb51257a5212eb8911ccaab4b24885827b5bbcf0dcdf687c51964
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
432a90085c1b822d6902245dcefd172688ce505634cb370798d88e6c914dfa3a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e5d5508e120f41a9fb7a87dac8fc5911980c342f4df103fae87fae48d8a6086
5e8e297496605cf8cd209ccff38a9628886cb5f51d22d147a5f2cb758e9fd454
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9736f159ea78dd1d61e8139b723521113cfdcffaf5ed37e4caa089309e90a3
6f8b7764d21b36f981856e4c06f2d3cb916786f16995619685629c854141a813
6fdc007044c914d7a971314dfce60c98ad5a39e70b468784a91a3bf182139f20
735c7b3ba798e1642fd859791c1a7d36309093657270aa0cc4ca28284d5ecd12
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cbac6aa05f4dbf84bb08c0f9f7237c43072b204f0b8cbfd7e357c1aa2d14e3a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81769ec6be856e69d17c22fdbf79b9e05b7c0ece06edc79db4114a8567298643
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85964e27b661dd56b74ba3bc1fb1c3e8393ec15716f56d78671701a36837aa14
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87c70746e1e78a5e062ca78e5adba8ffd617d21916a2157e39d6534524707997
8c8b33f7e43d0a7962526faee765ca842e4569654344ad3c74c4126839b0bcc4
a12450ff8ace362a899044741ac66daf29c89ef3fec5157c57ab4f7d13d8f026
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
ada7247129f48b1409f1bd93168aff2f817bf462dc35640d300a3cd1558c527f
ae3eab02cd1c63cf9f27505e5a1ad885db7f4c8a32b6d52083238e38543314d6
b38dc9e694cbb2eed3cad8b4dcf58439086f58af420fe7cbf83db7550820577b
b727f095e7138f5dba48105d0296d15fd18774da79aee8e26db50c5bb9fc8144
bc945e2acf1f1c52759e74cdf111c1dd7f6495688abeb1d7d4b1f84016f1a6bb
c655a50bd0d775ce29cad2ccfe471421fce3a4069d729b0771a827d37cd80d06
d03e99f0aff5436a6c0e55736133a1d51caead38e13ae380114341e007b723ca
d03f19cdd82fad588092cf36fcd123dad0dbd645d080511058e564b9a3552a50
d30c1e3255bdef723c9260002ead329c89b07dd688cf886a84138967a09ea149
d4fe35ae7cb63b874da447fdf6cc6f9a15d4e4ea1c8709f98c30ec7df7eb8e9a
d71732bd06efe339d3418e68291430236dbbeecee97479cb3fa35ba857cea17a
d88a2a1b6776ca0f3a592c3b3b4df4751e234c81d0298bd89a524ce9d2007b66
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
debfff9b0ec99dc9c126b6ebf0e4a7d802176dade0cf53dd509f3704fb930b69
e1f64763782f51c32f1b9587ca8adfcf4368164b8786c29f825afbae89435492
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9f8060a9fee8aa07afd0e928160530958bdf911d7be5408bebe480b1e75b02
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f214ae49b4c30721724166004ba775521ebd31249928c519c5eb66bb464438f0
f3543e422b70c27b92cad0467ab812c07009c851cb96b5450e9c4df4abd18b47
f4fcde6e7b621b789ceef1b4ba07e6cffed3c70ee428f6a71b805aad95a02fd4
f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625
fb29177f26aa11a104496349a2109b0dbdd1bcb1c31f3dcc80087ef6fb2461a2
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fee54303bff77d6245309b581cc3ae404c374a4cb95174695256ebc5ee00ccee

www.live4d2u.com Open in urlscan Pro 2606:4700:3037::ac43:d651 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

73 %IPv6

14 Domains

19 Subdomains

16 IPs

4 Countries

1948 kBTransfer

4934 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.live4d2u.com Open in urlscan Pro
2606:4700:3037::ac43:d651 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

73 %
IPv6

14
Domains

19
Subdomains

16
IPs

4
Countries

1948 kB
Transfer

4934 kB
Size

8
Cookies

141 HTTP transactions
3 data transactions