Submitted URL: http://loa-todo.com/
Effective URL: https://loa-todo.com/
Submission: On June 07 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 4 countries across 22 domains to perform 52 HTTP transactions. The main IP is 146.56.46.160, located in Seoul, Korea, Republic Of and belongs to ORACLE-BMC-31898, US. The main domain is loa-todo.com.
TLS certificate: Issued by R3 on May 16th 2024. Valid for: 3 months.
This is the only time loa-todo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 146.56.46.160 31898 (ORACLE-BM...)
5 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.193.194 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.186.98 15169 (GOOGLE)
2 142.250.185.238 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
3 108.138.32.75 16509 (AMAZON-02)
1 1 18.66.192.58 16509 (AMAZON-02)
2 2600:9000:20a... 16509 (AMAZON-02)
1 108.138.36.15 16509 (AMAZON-02)
4 184.30.211.26 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 52.206.222.75 14618 (AMAZON-AES)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
52 24
Apex Domain
Subdomains
Transfer
5 gstatic.com
fonts.gstatic.com
220 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
42 KB
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1359
106 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 356
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731
82 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 716
127 KB
4 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 37152
373 KB
4 loa-todo.com
loa-todo.com
295 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1830
a.ad.gt — Cisco Umbrella Rank: 2050
5 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 4284
128 B
2 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4996
45 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
173 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
305 B
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 46876
650 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
195 KB
1 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3002
460 B
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1091
27 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2128
12 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 8646
583 B
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1095
914 B
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 54933
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
93 KB
0 script.ac Failed
cadmus.script.ac Failed
52 22
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
loa-todo.com
5 fonts.googleapis.com loa-todo.com
4 secure.cdn.fastclick.net loa-todo.com
secure.cdn.fastclick.net
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
hb.vntsm.com
4 hb.vntsm.com loa-todo.com
hb.vntsm.com
4 loa-todo.com loa-todo.com
3 c.amazon-adsystem.com hb.vntsm.com
2 id.hadron.ad.gt hb.vntsm.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev hb.vntsm.com
2 cmp.inmobi.com loa-todo.com
cmp.quantcast.com
2 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 hb.vntsm.io hb.vntsm.com
2 pagead2.googlesyndication.com loa-todo.com
pagead2.googlesyndication.com
1 a.ad.gt cdn.hadronid.net
1 proc.ad.cpe.dotomi.com hb.vntsm.com
1 cdn.id5-sync.com loa-todo.com
1 cdn.hadronid.net loa-todo.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cmp.quantcast.com 1 redirects
1 ad-delivery.net hb.vntsm.com
1 hb-vntsm-com.global.ssl.fastly.net hb.vntsm.com
1 www.googletagmanager.com loa-todo.com
0 cadmus.script.ac Failed hb.vntsm.com
52 24

This site contains no links.

Subject Issuer Validity Valid
loa-todo.com
R3
2024-05-16 -
2024-08-14
3 months crt.sh
upload.video.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.vntsm.com
R3
2024-03-22 -
2024-06-20
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-08-07 -
2024-08-06
a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-11-09 -
2024-12-10
a year crt.sh
*.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.gstatic.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
ad-delivery.net
GTS CA 1P5
2024-05-17 -
2024-08-15
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
hadronid.net
GTS CA 1P5
2024-05-29 -
2024-08-27
3 months crt.sh
id5-sync.com
E1
2024-06-04 -
2024-09-02
3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2023-11-27 -
2024-12-25
a year crt.sh
id.hadron.ad.gt
E1
2024-05-25 -
2024-08-23
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2023-08-18 -
2024-08-17
a year crt.sh
a.ad.gt
E1
2024-04-11 -
2024-07-10
3 months crt.sh

This page contains 2 frames:

Primary Page: https://loa-todo.com/
Frame ID: 3EE03829EE0108D8FBDCED25154ABC5F
Requests: 49 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: A607FF5C7679C1085A0161EE9999B076
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

loa-todo

Page URL History Show full URLs

  1. http://loa-todo.com/ HTTP 307
    https://loa-todo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

52
Requests

96 %
HTTPS

54 %
IPv6

22
Domains

24
Subdomains

24
IPs

4
Countries

1798 kB
Transfer

5809 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loa-todo.com/ HTTP 307
    https://loa-todo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1717771462336 HTTP 301
  • https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
loa-todo.com/
Redirect Chain
  • http://loa-todo.com/
  • https://loa-todo.com/
3 KB
2 KB
Document
General
Full URL
https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
b637819c9ed587efa6e3df538baf14d082253b9bd787c5f94cef0285c92d8d3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 07 Jun 2024 14:44:19 GMT
ETag
W/"be6-18f00ea9a30"
Keep-Alive
timeout=5
Last-Modified
Sun, 21 Apr 2024 13:48:46 GMT
RateLimit-Limit
150
RateLimit-Remaining
149
RateLimit-Reset
477
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding

Redirect headers

Location
https://loa-todo.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 13:14:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:44:20 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 14:44:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:44:20 GMT
css2
fonts.googleapis.com/
96 KB
23 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+KR&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8682273454a835aa6ee959fe1197383ef0a44cd8c572d955f9c11c26b5f13fde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 14:44:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:44:20 GMT
css2
fonts.googleapis.com/
51 KB
12 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Jua&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5961bc80fd56da44cb81e8af4454c3e5736a6df0152bcc5f091371b4bbdc5740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 14:44:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:44:20 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7135250198762448
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
4678178a2366ba36ccde67eca71a1c475387d3232014a501c60749997cebffff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52221
x-xss-protection
0
server
cafe
etag
14526672302734565845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 07 Jun 2024 14:44:20 GMT
js
www.googletagmanager.com/gtag/
268 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa2407b8baa89771e7241e47516bab4e2c3386a69c5b9b0fb53fbd7fd72f47a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95330
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 14:44:21 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/
143 KB
43 KB
Script
General
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
270501ddb81cc28677584264e4305f88426bcf5173863d8fbb22cc59c255ed20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-server-side-encryption
AES256
cdn-cachedat
06/07/2024 13:07:44
cdn-pullzone
131999
last-modified
Tue, 28 May 2024 12:24:10 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"44b77a4c46c156353657af37fc807434"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
8529db7e73fd28fc995740443bc8516e
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
main.dc895bcd.js
loa-todo.com/static/js/
1023 KB
284 KB
Script
General
Full URL
https://loa-todo.com/static/js/main.dc895bcd.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
c01cb38d284692f2c12d9a93566af1cc32eaa2a9391cd37b9c2fdc764e7e0db0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

RateLimit-Reset
476
Content-Encoding
gzip
Date
Fri, 07 Jun 2024 14:44:20 GMT
Transfer-Encoding
chunked
RateLimit-Limit
150
Connection
keep-alive
Last-Modified
Sun, 21 Apr 2024 13:48:46 GMT
ETag
W/"ffafe-18f00ea9a30"
Vary
Origin, Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
RateLimit-Remaining
147
Keep-Alive
timeout=5
main.15cca72d.css
loa-todo.com/static/css/
16 KB
5 KB
Stylesheet
General
Full URL
https://loa-todo.com/static/css/main.15cca72d.css
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
8b2c6a2986605e4489d0d58ea2cc09813270d13ba1303861c8affeefc8ae6d01

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

RateLimit-Reset
477
Content-Encoding
gzip
Date
Fri, 07 Jun 2024 14:44:20 GMT
Transfer-Encoding
chunked
RateLimit-Limit
150
Connection
keep-alive
Last-Modified
Sun, 21 Apr 2024 13:48:46 GMT
ETag
W/"4194-18f00ea9a30"
Vary
Origin, Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
RateLimit-Remaining
148
Keep-Alive
timeout=5
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/
425 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7135250198762448&plah=loa-todo.com&aplac=true&bust=31084345
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7135250198762448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
a3b95b236afc4b33ee22580b649844d7ae890e7fd0bbdf041e3ef969312341ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147238
x-xss-protection
0
server
cafe
etag
13474875791694043602
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 07 Jun 2024 14:44:20 GMT
6385d1215df4145771e09231.enc
hb.vntsm.com/v2/live/
37 KB
6 KB
XHR
General
Full URL
https://hb.vntsm.com/v2/live/6385d1215df4145771e09231.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
159da927486df62965fd10973ebe087d712c9bfec43ade8f461f6053d347fb8b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:20 GMT
content-encoding
br
cdn-edgestorageid
1079
x-amz-server-side-encryption
AES256
cdn-cachedat
06/07/2024 13:22:28
cdn-pullzone
131999
last-modified
Thu, 16 May 2024 07:52:38 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"83678b17ba38c08737b0175b8064436b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
STALE
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
a6d0d49a4642e2b9a82dd9b94dc7b3b8
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
content.html
hb.vntsm.io/
32 B
650 B
Fetch
General
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
90Y297YBGS56NACQ
content-length
32
x-amz-id-2
VWq9zcjc0CZ99D0vSgTCy8MtQPSpbC9EbP6zhIQDg4YvdJJdIXkhLhe9xR5dWRP4sZPiWSjmH+E=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89016b6f8c759a00-FRA
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/
0
0
Fetch
General
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 07 Jun 2024 14:44:21 GMT
Via
1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version
1.1
Strict-Transport-Security
max-age=300
Age
2573
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
X-IP
80.255.7.119
Content-Length
0
x-amz-id-2
EvlXEgkJz2uvB3jofV9V9Sp64cYyBUht5wRuLJEo0WQSeZ+SkJjSACjsFLCcjGGhAX+pQ8kGRSqx4qu/h/kWVg==
X-Served-By
cache-dub4337-DUB, cache-fra-etou8220142-FRA
Geo-Sub
BW
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
X-Timer
S1717771461.037669,VS0,VE0
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo
DE
X-Cache-Hits
71, 68
ca-pub-7135250198762448
fundingchoicesmessages.google.com/i/
192 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-7135250198762448?href=https%3A%2F%2Floa-todo.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7135250198762448&plah=loa-todo.com&aplac=true&bust=31084345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b52a7abf029517f2425a84dd037481da7c3136f4439c4414dc78bdad84858e32
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BDbojujO_SxQmPZG4BycKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-BDbojujO_SxQmPZG4BycKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtHikmLw0ZBiUAzbyXTe6Q7TdSA20HjOZAHEEl9fMqkBsVP6DNYAIPapn8EaBcStN8-xTgbipH_nWQuAuP3zBdapQLwk4iLrgcSLrELcHEd39mxmE3jw9WutkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBmYGpnoFpfIEBAF_nOEI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ad-manager-bundle.min.js
hb.vntsm.com/v3/live/
1 MB
324 KB
Script
General
Full URL
https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
5a90e93a72f2c01ae90c9523cdb0d4a9431bf622b25947356475dd58e331de71

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-server-side-encryption
AES256
cdn-cachedat
06/07/2024 13:07:44
cdn-pullzone
131999
last-modified
Tue, 28 May 2024 12:24:10 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"e70e64b58c142c69447a330342ba1567"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
42ddab070e5b0d942635e1312519ddc8
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W7YCQLYHSC&gtm=45je4650v877959976za200&_p=1717771460427&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2099063047.1717771461&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717771461&sct=1&seg=0&dl=https%3A%2F%2Floa-todo.com%2F&dt=Loa-Todo%20-%20LostArk%20Tool&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2355
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 14:44:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://loa-todo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.html
hb.vntsm.io/
32 B
0
Fetch
General
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
90Y297YBGS56NACQ
content-length
32
x-amz-id-2
VWq9zcjc0CZ99D0vSgTCy8MtQPSpbC9EbP6zhIQDg4YvdJJdIXkhLhe9xR5dWRP4sZPiWSjmH+E=
geo
DE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89016b6f8c759a00-FRA
AGSKWxXuaIiSi3aVHacY9wf1O6WP6nTfb-66_CDVoDt_7v0JGAvSgZS8pJLstQhjIrwXDYl2DTzIVEsBrbgVtOH8tiKzKx56goMZmbzzA0InR2PbkFnO_KmmPuYSLSQjxWhm05ebhtsMQw==
fundingchoicesmessages.google.com/f/
404 KB
62 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXuaIiSi3aVHacY9wf1O6WP6nTfb-66_CDVoDt_7v0JGAvSgZS8pJLstQhjIrwXDYl2DTzIVEsBrbgVtOH8tiKzKx56goMZmbzzA0InR2PbkFnO_KmmPuYSLSQjxWhm05ebhtsMQw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE3NzcxNDYxLDQyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sb2EtdG9kby5jb20vIixudWxsLFtbOCwia2J2REVhUU1FamciXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQzXSxudWxsLDE4XSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvDEaQMEjg.es5.O/am=AAM/d=1/rs=AJlcJMzUlNz2DY9EraZd75vr3cAzSgFrbw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebc1a986677d556ac08d379b5dc907ccd4390c161cfe37b1a1ef74700f8eec0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1MEPRzk64Jlf4UMP_VOgyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-1MEPRzk64Jlf4UMP_VOgyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0JBiOO90h-k6EBtoPGeyAGKJry-Z1IDYKX0GawAQ-9TPYI0C4tab51gnA3HSv_OsBUDc_vkC61QgXhJxkfVA4kVWIR6Oozt7NrMJfHh-vplJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTAzMBUz8A0vsAAANveNuU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:19:50 GMT
x-content-type-options
nosniff
age
260671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:19:50 GMT
px.gif
ad-delivery.net/
43 B
914 B
Fetch
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9398
x-guploader-uploadid
ABPtcPoViDXAwij4aT21NdW6tt_vFHaD3Fb88ySVGKTx4XwF8XVBt9clG6I8kAFlvHcSS67NS5k
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIIPHcUc3UQ9Obse6WE%2B8oENF9IF0ZpfmXs%2FyDor9JoOB%2BKEvhTQ%2FPlay4R1thROGtiRWD2SI9bsCRSlmxCbB9lh1c5SYonlinVAtW59YC%2BHBtgcX6CFHWKNIA3aEhOr6NloiGz8KIe4hEN%2BQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
89016b72ad4f1c17-FRA
expires
Fri, 07 Jun 2024 12:10:50 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.kbvDEaQMEjg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwW8luPEY0PG3GT4IAsFgauSkRkJA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 14:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 14:44:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 14:44:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:12:08 GMT
x-content-type-options
nosniff
age
48733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 01:12:08 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
96 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b95a292ed7642cae5e4b4e3136f36e2d56e96aa0f90bcc5a4cfad1900bd330a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30911
x-xss-protection
0
server
cafe
etag
618 / 19881 / 31084318 / config-hash: 15736159749916180681
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 07 Jun 2024 14:44:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 03:59:33 GMT
x-content-type-options
nosniff
age
38688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 03:59:33 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:10:34 GMT
x-content-type-options
nosniff
age
261227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:10:34 GMT
AGSKWxU60_zARtFDnHjYGELsM09zU0MHwS1F1N130KX3qaAhvPrQJ7J1ZwKcpfKJe0Abl3V0KaSkltuRQB5iWc6tPVVXsx4wpo6MJAeumbw-s_JBc93ajoWJ4Ux91Z_wOld3xNj3IIrUZw==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU60_zARtFDnHjYGELsM09zU0MHwS1F1N130KX3qaAhvPrQJ7J1ZwKcpfKJe0Abl3V0KaSkltuRQB5iWc6tPVVXsx4wpo6MJAeumbw-s_JBc93ajoWJ4Ux91Z_wOld3xNj3IIrUZw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nlMQsu2fT0H7Fn1t-ekiEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-nlMQsu2fT0H7Fn1t-ekiEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0ZBicEqfwRoCxEI8HEd39mxmE7hx9-k5ZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBmYKpnYBZfYAAA334jGA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://loa-todo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU60_zARtFDnHjYGELsM09zU0MHwS1F1N130KX3qaAhvPrQJ7J1ZwKcpfKJe0Abl3V0KaSkltuRQB5iWc6tPVVXsx4wpo6MJAeumbw-s_JBc93ajoWJ4Ux91Z_wOld3xNj3IIrUZw==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU60_zARtFDnHjYGELsM09zU0MHwS1F1N130KX3qaAhvPrQJ7J1ZwKcpfKJe0Abl3V0KaSkltuRQB5iWc6tPVVXsx4wpo6MJAeumbw-s_JBc93ajoWJ4Ux91Z_wOld3xNj3IIrUZw==
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-shwEPxLOudUYpHqAcC-9Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 07 Jun 2024 14:44:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-shwEPxLOudUYpHqAcC-9Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0JBicEqfwRoCxEI8HEd39mxmE7iw9P4RZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBmYKpnYBZfYAAAyfAizA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://loa-todo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/
459 KB
143 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406050101/pubads_impl.js?cb=31084318
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
17000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146466
x-xss-protection
0
server
cafe
etag
288610800658649615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 07 Jun 2025 10:01:02 GMT
co3KmW9ljjATdOrY.woff2
fonts.gstatic.com/s/jua/v16/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jua/v16/co3KmW9ljjATdOrY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jua&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
a317499f46a11810207ace4e5fdf04c9949250abeb914a1e713c391e4606c4f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://loa-todo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 23:43:09 GMT
x-content-type-options
nosniff
age
54073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16620
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 18:32:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Jun 2025 23:43:09 GMT
apstag.js
c.amazon-adsystem.com/aax2/
305 KB
76 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:15:39 GMT
content-encoding
gzip
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 21:30:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-P2
age
1724
x-amz-server-side-encryption
AES256
etag
W/"7e37c61c24c4f874b286570f1eebc0ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qca_np2yt6SHhgpUZSciTpAhQkaYJfdWR2VujnaXbWRctlWHbpbe4w==
choice.js
cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1717771462336
  • https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2
3 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Server
2600:9000:20a0:0:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0859ae6602dd43d08ceab0904e78470fab233d53a0ec2288d8b91a40b3f69399

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 14:44:24 GMT
content-encoding
br
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2024 07:37:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
etag
W/"fd4a744007589f2e6c04982f0e3695bb"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_XTrJYd_vpcrpSIGyGFv1uFiEeNAStXtYe-BJ6Q_I7HNy44uAp2o-g==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2
date
Fri, 07 Jun 2024 14:44:23 GMT
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:43:31 GMT
server
AmazonS3
etag
"e757115d17404882a3a2e1d29e9377ed"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JCLeWRdT8AOp8JMeC01fEiRjwSOZiP23NsM-8SBr72-2DCXewtg1CQ==
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/
563 B
828 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-15.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:41:11 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
age
191
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
E_wQtR-qbQsF1Ykj-Q5S3fIa8T71a4FsZggp87oLCKoNimac-gOICA==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Floa-todo.com&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 13:59:39 GMT
via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
2683
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://loa-todo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
Hk_zqD6RZAv2JamR8M1MIbqqBhZFX_Bfh1-10xcFL51f13yc2VD9ZA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-75.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
date
Fri, 07 Jun 2024 09:23:02 GMT
x-amz-cf-pop
MUC50-P2
age
19280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pfNDlO_7BmmLNzRvcC9nDOC6rIx-_f88CNRGk0GGm-mBLENaX5X6Iw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:22 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 07 Jun 2024 14:59:22 GMT
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Floa-todo.com%2F&ref=&_it=amazon&partner_id=288
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
4417
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
89016b7a5abf9f10-FRA
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
id5-api.js
cdn.id5-sync.com/api/1.0/
93 KB
27 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 12:31:06 GMT
server
cloudflare
x-amz-request-id
5KPJR22PW25P7A8E
age
7
etag
W/"975872beea6fa436507d8a74321584b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
89016b7a6be62c49-FRA
x-amz-id-2
mHNfcfOhZ39fAcv93ecWmvO1g9ccLyL9P38hLRUCOljeVraQS0p6liqJbkgR1jYclw8+h1ZJ5slHWQ3VyXX0Vg==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:22 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 07 Jun 2024 14:59:22 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
128 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-222-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 07 Jun 2024 14:44:23 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.222.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-222-75.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loa-todo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 07 Jun 2024 14:44:22 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
hadron.json
id.hadron.ad.gt/v1/
97 B
263 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=loa-todo.com&url=https://loa-todo.com/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f371839b98500d682a3edd2740881b031226012cab56207c27d6e448df83573

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 07 Jun 2024 14:44:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
89016b7c59fb917c-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=loa-todo.com&url=https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://loa-todo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
89016b7b483f917c-FRA
content-length
0
content-type
application/json
date
Fri, 07 Jun 2024 14:44:23 GMT
debug
OPTIONS block
expires
Sat, 07 Jun 2025 14:44:22 GMT
server
cloudflare
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:22 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 07 Jun 2024 14:59:22 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
460 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:23 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://loa-todo.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Fri, 07 Jun 2024 15:14:23 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:23 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Fri, 07 Jun 2024 14:59:23 GMT
cmp2.js
cmp.inmobi.com/tcfv2/53/
167 KB
44 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=loa-todo.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1717771462336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:0:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 13:35:22 GMT
content-encoding
br
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
4142
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
server
AmazonS3
etag
W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
tyGHR4W2UJJXilnx8nL_aWmoHMYALe5x74G3-8BC6RVveADm7o7BDw==
288
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Floa-todo.com%2F&ref=&_it=amazon&partner_id=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb117338e62d552a46ae1dcdb5091c1ed980e4ef89904f3bdf22e9cc11dd8e46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 14:44:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2024 14:37:27 GMT
server
cloudflare
age
277
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
89016b7e3ec82c46-FRA
cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame A607
0
0
Document
General
Full URL
https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager-bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://loa-todo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods
GET, OPTIONS
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
cdn-cache
HIT
cdn-cachedat
06/07/2024 13:07:44
cdn-edgestorageid
1079
cdn-proxyver
1.04
cdn-pullzone
131999
cdn-requestcountrycode
DE
cdn-requestid
c88aec1970ef02de4c056fb3bbef586d
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding
br
content-type
text/html
date
Fri, 07 Jun 2024 14:44:23 GMT
etag
W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified
Sun, 10 Sep 2023 14:04:21 GMT
server
BunnyCDN-DE1-1079
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-bl
0
favicon-32x32.png
loa-todo.com/
3 KB
4 KB
Other
General
Full URL
https://loa-todo.com/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f69eab957a0a9721dc92556efabff7f0672952f704df2ccebe8858a4b326aa10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

RateLimit-Reset
473
Date
Fri, 07 Jun 2024 14:44:23 GMT
Last-Modified
Fri, 27 Aug 2021 02:35:20 GMT
ETag
W/"d23-17b85762e40"
Vary
Origin
Content-Type
image/png
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
RateLimit-Limit
150
Accept-Ranges
bytes
Keep-Alive
timeout=5
RateLimit-Remaining
146
Content-Length
3363
Connection
keep-alive
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W7YCQLYHSC&gtm=45je4650v877959976za200&_p=1717771460427&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2099063047.1717771461&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717771461&sct=1&seg=0&dl=https%3A%2F%2Floa-todo.com%2F&dt=Loa-Todo%20-%20LostArk%20Tool&en=scroll&epn.percent_scrolled=90&_et=21&tfd=7378
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://loa-todo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 14:44:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://loa-todo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/d1oykxszdrgjgl/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cadmus.script.ac
URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackChunkad_manager number| __VM_PRELOADER_COUNT function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| __VM_FSGEO_RESPONSE string| __VM_HBC object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| __VM object| regeneratorRuntime object| ADAGIO string| nobidVersion object| nobid object| mnet object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjJhMTJlODQzYzg5ZTVmZGxvYWRlcl9qcw== string| MjJhMTJlODQzYzg5ZTVmZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| __VM_BAIT_RESPONSE object| googletag object| webpackChunkloa_todo number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| __vm_add object| uponit object| apstag object| _aps boolean| apstagLOADED object| apscustom function| ha object| cnvr_launcher_options object| hadron boolean| __halo_loaded__ object| __id5_finalization_registry object| ID5 object| conversant object| PublisherCommonId object| publink_options object| coreid object| au function| __tcfapiui

2 Cookies

Domain/Path Name / Value
.loa-todo.com/ Name: _ga
Value: GA1.1.2099063047.1717771461
.loa-todo.com/ Name: _ga_W7YCQLYHSC
Value: GS1.1.1717771461.1.0.1717771461.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad-delivery.net
c.amazon-adsystem.com
cadmus.script.ac
cdn.hadronid.net
cdn.id5-sync.com
cmp.inmobi.com
cmp.quantcast.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
id.hadron.ad.gt
loa-todo.com
pagead2.googlesyndication.com
proc.ad.cpe.dotomi.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
www.googletagmanager.com
cadmus.script.ac
108.138.32.75
108.138.36.15
142.250.185.238
142.250.186.67
142.250.186.98
146.56.46.160
151.101.193.194
172.217.16.194
18.66.192.58
184.30.211.26
2001:4860:4802:34::36
2400:52e0:1e00::1079:1
2600:9000:20a0:0:1b:cadc:ef40:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:2483
2606:4700:10::ac43:266a
2606:4700:20::681a:346
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200e
2a00:1450:4001:830::2008
2a02:fa8:8806:13::1460
52.206.222.75
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859ae6602dd43d08ceab0904e78470fab233d53a0ec2288d8b91a40b3f69399
159da927486df62965fd10973ebe087d712c9bfec43ade8f461f6053d347fb8b
1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f
270501ddb81cc28677584264e4305f88426bcf5173863d8fbb22cc59c255ed20
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
38ddbe47a6c50552223935c9c5553c3cb17292cfc08b33d4d2c40c45baf2174c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4678178a2366ba36ccde67eca71a1c475387d3232014a501c60749997cebffff
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
5961bc80fd56da44cb81e8af4454c3e5736a6df0152bcc5f091371b4bbdc5740
5a90e93a72f2c01ae90c9523cdb0d4a9431bf622b25947356475dd58e331de71
5f371839b98500d682a3edd2740881b031226012cab56207c27d6e448df83573
66a26f58e6db53d83ef8b7eeabbd99c41c439347508d4e30a3b4ece1e3fe47c9
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8682273454a835aa6ee959fe1197383ef0a44cd8c572d955f9c11c26b5f13fde
8b2c6a2986605e4489d0d58ea2cc09813270d13ba1303861c8affeefc8ae6d01
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
a317499f46a11810207ace4e5fdf04c9949250abeb914a1e713c391e4606c4f2
a3b95b236afc4b33ee22580b649844d7ae890e7fd0bbdf041e3ef969312341ca
aa2407b8baa89771e7241e47516bab4e2c3386a69c5b9b0fb53fbd7fd72f47a1
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b52a7abf029517f2425a84dd037481da7c3136f4439c4414dc78bdad84858e32
b637819c9ed587efa6e3df538baf14d082253b9bd787c5f94cef0285c92d8d3e
b95a292ed7642cae5e4b4e3136f36e2d56e96aa0f90bcc5a4cfad1900bd330a8
c01cb38d284692f2c12d9a93566af1cc32eaa2a9391cd37b9c2fdc764e7e0db0
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ebc1a986677d556ac08d379b5dc907ccd4390c161cfe37b1a1ef74700f8eec0f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69eab957a0a9721dc92556efabff7f0672952f704df2ccebe8858a4b326aa10
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
fb117338e62d552a46ae1dcdb5091c1ed980e4ef89904f3bdf22e9cc11dd8e46