www.todawa49.asia Open in urlscan Pro
2606:4700:3030::ac43:bdab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://todawa47.asia/
Effective URL:
https://www.todawa49.asia/home.php
Submission Tags: phishingrod
Submission: On November 26 via api (November 26th 2023, 1:25:44 pm UTC) from DE — Scanned from DE

Summary HTTP 70 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3030::ac43:bdab, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.todawa49.asia.
TLS certificate: Issued by E1 on November 25th 2023. Valid for: 3 months.

This is the only time www.todawa49.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:bc67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:303... 2606:4700:3030::ac43:bdab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	221.165.139.2 221.165.139.2	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	211.226.25.200 211.226.25.200	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
2	101.235.211.24 101.235.211.24	9569 (HCNSEOCHO...) (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO.)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
13	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	220.117.190.132 220.117.190.132	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
70	19

1 2606:4700:3032::ac43:bc67 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

todawa47.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3030::ac43:bdab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.todawa49.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 221.165.139.2 (Osan, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

ad.abchub.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.226.25.200 (Icheon-si, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

ad.aceplanet.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.235.211.24 (Seoul, Korea, Republic Of)

ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR)

js.ad4989.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.117.190.132 (Gangnam-gu, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

engine.tend-table.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	84 KB
14	todawa49.asia 1 redirects www.todawa49.asia	31 KB
6	googlesyndication.com 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	23 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	178 KB
3	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552	42 KB
3	abchub.site ad.abchub.site	7 KB
2	tend-table.com engine.tend-table.com — Cisco Umbrella Rank: 129049	1 KB
2	ad4989.co.kr js.ad4989.co.kr — Cisco Umbrella Rank: 134188	11 KB
2	aceplanet.co.kr ad.aceplanet.co.kr — Cisco Umbrella Rank: 255439	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	68 KB
1	todawa47.asia 1 redirects todawa47.asia	431 B
0	keezip.com Failed i.keezip.com Failed
70	14

	Domain	Requested by
14	www.todawa49.asia	1 redirects www.todawa49.asia
13	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
5	securepubads.g.doubleclick.net	ad.aceplanet.co.kr securepubads.g.doubleclick.net www.todawa49.asia
3	imageproxy.eu.criteo.net	ads.eu.criteo.com
3	tpc.googlesyndication.com	280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
3	ad.abchub.site	www.todawa49.asia js.ad4989.co.kr
2	engine.tend-table.com	js.ad4989.co.kr
2	csm.eu.criteo.net	ads.eu.criteo.com
2	280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	js.ad4989.co.kr	ad.abchub.site engine.tend-table.com
2	ad.aceplanet.co.kr	ad.abchub.site
1	pagead2.googlesyndication.com	www.googletagservices.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	www.googletagservices.com	280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
1	ads.eu.criteo.com	280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
1	rtb.nl3.eu.criteo.com	www.todawa49.asia
1	code.jquery.com	ad.abchub.site
1	todawa47.asia	1 redirects
0	i.keezip.com Failed	www.todawa49.asia
70	20

This site contains links to these domains. Also see Links.

Domain
www.xn--2j1b408atji.net
www.uuoobe.kr
wekoreatv.com
www.tfreeca22.top
sekder.net
1bet1.vip
wn-st.com
ww-ot.com
drpharm.monster
open.kakao.com
nulpurn.com
herbmming1.com
filecast.co.kr
0303.spzhspzh.co
nulppurun.com

Subject Issuer	Validity	Valid
todawa49.asia E1	`2023-11-25` - `2024-02-23`	3 months	crt.sh
ad.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2023-11-07` - `2024-06-28`	8 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2023-01-17` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.todawa49.asia/home.php
Frame ID: 479BE2E5B2B1EB8D54A865C18BACB05B
Requests: 36 HTTP requests in this frame

Frame: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BEE34093A54DBA796138922A60E58FA5
Requests: 1 HTTP requests in this frame

Frame: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 85DDA653C443097157079F18931103C2
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWNHUwAIZzwIVTOnAAgPXFQEAVEufBbjksuOZg&u=%7CtD%2BfZhwApikZzWdahuE%2FvRtMxMrmRt8ul1WSS3wOur8%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-xh-pigWfkkp9Iinsxv0hY1BVipphP__qpK5qUwr1Yfs4XaeEbQ8NCFr4hof7Jry99luv_oiJrHOXtMVAfaGXyelvHmAb13q0EXwgxI7ZKjMDTCU3x-xm6Y-_NeHOdEMG8448QlmsF2Uj9H_Y1DbxS4B_h__Wr6QwG-8qIpRMgvkk7C06X9-mKpbEhw7bSbtfiPiEpFHyZmjHhwn9liUrxvJH_6YllxIee_EBMapPhJC-kEzTQph7VNAfZS9Vn0Ly3pmWMXYZ1eHBIEITaOAY1hQ54ZRPcWZqyRt0hlKd50SnkuU2_f5qPAzf4QG2DK4VCxvfEMSnlScaeExQN0dZ-j3n1_L6SxynPMwxgpv0nHofKAnDdaopsR7NovMIV7YhCDGDrA3Qhi37ds39fmroAvRm8_rt39HhJfV9hQ9P6iWQPcW9gIQUh2w632x5f4vFHpB5oPmr3U3Q9_JFyDlZSncVpvAl95BxhzJVmfYRY1-Yo63nXrl_f1NU-NGSZtfzIYRc1vztY9xuvOOIiUWVSzyibaG41HuVnjDXE-OpNym4C5glPF7L7THnwg5qk4sfhBrvXvGFAnExF6zmwEQ03Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BfiU0djZbzOIafn1PIP3J6ggA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAgfENCuTWrI-4AIAqAMByAMCqgS0Ak_QWb04ygEnYrukf-nQLQ-C8zsj7Ef4xglfJIxTzj0Bln3UhiyCY9nxX3SNaDCpq4uKydP8hxoCPSardHrjh7KC0vUYwST3ntwa55buU-TaZlyeLy_FvQzdlgGyTd9VyAxtfPge9jC1Vbcq4LOYHDCo7eVUGqb8jbe0YQ8gK13mTqoPwBD2JfaReZ4YFfCegvOQnBV79z0DAE5xXbjJYyYUMm9NgJJswBZ1zE7k9yOHZcwkfcfJ3V4L4Okm3Rbx5sWvjpDwBIPofBuB-ZXhhsPla3KhJBqUAPEuT_dRg02OmI1uWIMwffs5ArkIsgrhiTe_cBGMIqD18pzIXlg8Wq15DcEHI97vTFikudYF2M65dwDhc7tFIOBnXik6Iq9_87uuFOOd5e_N_sDuw7QVLTM4rieM4AQBgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02OTkxMjcxMTg1MzkzNDUx-gsCCAGADAHiDRMI2rbp-OHhggMVpzNVCB1cDwjw0BUBgBcB%26num%3D1%26sig%3DAOD64_1u8YZiLMUz69Ma9KjLa_0Z22a9-Q%26client%3Dca-pub-3665575696298773%26adurl%3D
Frame ID: 6C05F5BCD95E9E989C4F0FDC11ACDA98
Requests: 21 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNDkuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1701005140590
Frame ID: 12E39FF3D0FB40981425601FA0787738
Requests: 3 HTTP requests in this frame

Frame: https://ad.abchub.site/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1701005142510
Frame ID: 2318C768D862D16FBDB5EA37DB355B98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

토다와

Page URL History Show full URLs

https://todawa47.asia/ HTTP 301
https://www.todawa49.asia/ HTTP 302
https://www.todawa49.asia/home.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

81 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

19
IPs

4
Countries

520 kB
Transfer

1411 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xn--2j1b408atji.net/
Title: https://www.토다와.net

Search URL Search Domain Scan URL

URL: https://www.uuoobe.kr/bbs/board.php?bo_table=request
Title: 자료요청

Search URL Search Domain Scan URL

URL: https://wekoreatv.com/
Title: Wetv

Search URL Search Domain Scan URL

URL: https://www.tfreeca22.top/board.php?mode=list&b_id=adult&time=1701005104
Title: 성인

Search URL Search Domain Scan URL

URL: https://sekder.net/?ref=uube
Title: 섹파찾기

Search URL Search Domain Scan URL

URL: http://1bet1.vip/

Search URL Search Domain Scan URL

URL: http://wn-st.com/

Search URL Search Domain Scan URL

URL: http://ww-ot.com/

Search URL Search Domain Scan URL

URL: https://drpharm.monster/

Search URL Search Domain Scan URL

URL: https://open.kakao.com/o/gxvkbezf

Search URL Search Domain Scan URL

URL: https://nulpurn.com/shop/item.php?it_id=trel01

Search URL Search Domain Scan URL

URL: https://herbmming1.com/

Search URL Search Domain Scan URL

URL: https://filecast.co.kr/?p_id=reel

Search URL Search Domain Scan URL

URL: https://0303.spzhspzh.co/register.html

Search URL Search Domain Scan URL

URL: https://nulppurun.com/shop/item.php?it_id=trel02

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://todawa47.asia/ HTTP 301
https://www.todawa49.asia/ HTTP 302
https://www.todawa49.asia/home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home.php Show response
www.todawa49.asia/
Redirect Chain

https://todawa47.asia/
https://www.todawa49.asia/
https://www.todawa49.asia/home.php

48 KB
8 KB

229ms
229ms

Document
text/html

2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/home.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 099cb2b3f532320be872a078895b38c7c329dc913a9b31133ecbfb760868370d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82c27550789d6bb7-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 13:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq2h9KY%2FB6%2BQ9bakKHGR96R%2BQMwrXMfWop994WGHPyNvcfSMOeZr9ZYXbmaGVwfeRiW5%2Bn8hFxeQeeiTJzyNmRqcnFlh0lF3SZjWX9Oga6GMNhJghyFCPv%2FqjKCAMrEr1Nsn1mr7fsW0Wd%2BWa8%2Fyrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82c2754eae8c6bb7-SIN
content-type: text/html; charset=UTF-8
date: Sun, 26 Nov 2023 13:25:35 GMT
location: home.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEbbAvcnVxGwlKDe6%2FjPSHwIszgnavKYYaxvxr5jNlmGrDiKFydADcnoF26kuHtnUbIkkBNPzl6NTSROqUTyNhX85KLvGy8C%2Fzeb4NEb2yi6E3YIiEyUCqzaYuFcuj7krFo1hKxjG0JKk5VrPMrtow%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H/1.1 200
OK PelicanC.dll Show response
ad.abchub.site/cgi-bin/ 3 KB
3 KB 1966ms
285ms Script
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 76cbb4971d1077b13a4ce3742a67ca8ec5389c1c95553e59b059fe3003fc14a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 26 Nov 2023 13:25:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H3 200 common.css
www.todawa49.asia/css/ 6 KB
2 KB 25ms
24ms Stylesheet
text/css 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/css/common.css?v5
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308052b1bf48d457ff68c33a498c882f75beaae17118485be2dd3163fe0c7c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 10:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11410
etag: W/"6139e5b9-179f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q%2FrVDlZ14GUPL2NbkI2QEIn3RBXClLeoxWlb%2BjlOCJKcvYeotJorIOrrCNq8UjxL%2F8fke%2B449aBCiuHett7zs3%2FN%2F%2FKkSts%2F%2F9Awz9fu1ULy%2FO6GKhdXzRKMUP3axTuTGkRVjVczuODsVL%2Bfi4JSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82c275517b943cb3-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 22:15:25 GMT

GET
H3 200 main.css
www.todawa49.asia/css/ 2 KB
987 B 26ms
25ms Stylesheet
text/css 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/css/main.css
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf18a9ed9a6aa889d227de181fe071fe47062764cacd90c4423b81b6bbbee834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 13:18:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11410
etag: W/"5d838040-6a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMJGXJde25Gledwlxx8dXKoXwviI9lNep%2BRJ%2Fw14dSThDHqNhpwrE99Rxdofu2jA5EZU5U8RvCChGe9ayysTgGWEsd3TiS8dIKdtdtDqySvYIwnIyONR28ecM%2BA32B2ODukSFZtaW%2FX8Hn0QJF4p6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82c275517b953cb3-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 22:15:25 GMT

GET
H3 200 sub.css
www.todawa49.asia/css/ 6 KB
2 KB 27ms
27ms Stylesheet
text/css 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/css/sub.css
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72855f862df04b84b9755977382129f3f7f22f188f02686807e0eb5df1916155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 May 2021 08:41:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11410
etag: W/"609e37d6-1648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oh4D0d14gPj3e373XHaKJnwfaqWgij%2B4VvR9d2ZOjwkZaZ2wGeIVUE98gu8wUYHBRVg2pumoT77DsXFFAA5LbfqZNF4ZNwrgp3ljycZJS4h4aCwD5HQTLX3RL1GFeFkTh0qpCU17Fm1ujSqH7W5NdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82c275517b963cb3-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 22:15:25 GMT

GET
H3 200 iconfont.css
www.todawa49.asia/css/ 5 KB
4 KB 26ms
26ms Stylesheet
text/css 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/css/iconfont.css
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d322485983f9bf6aa843345c3eb6dcc06b6d60555c849a778133ac335aa4251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 00:38:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11410
etag: W/"5d9bda7e-1545"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnnpFMF28rhTJ71pWv9FRDX2OF8OLMc0C9nth4mg5qgr3wGTO5OAcKoS9OLK2S1xy%2BUug3%2BBZyjzVkZW2PdQhTu7JX4ivHpqaERIIWnIUKVbGsr2%2FYtBFfLES8U3%2BiymzJe0B9xyXtLTmc%2BesE%2Bdjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 82c275517b983cb3-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 22:15:25 GMT

GET
H3 200 common.js Show response
www.todawa49.asia/js/ 1 KB
936 B 28ms
27ms Script
application/javascript 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa49.asia/js/common.js
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf0d6da2b17b813749a8b61047b209827603fb1fdff3ef336df7e67fe16aefe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 03:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11410
etag: W/"5d82f024-5d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIKYyqLrSS019iiH0A%2BaNHlWn%2BYJbBu7pmmdfwVdBHSj%2FTn6sm%2FTQuj8oF1YVmXsdcCZ2p58m4%2BDEfxzOynaqypghzZ0RUT2v4SNLKPwU0pwNf8Z5xi6w9pw062ahKHFPCG%2FoTMjqUrcmH1noQdOTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 82c275517b993cb3-CDG
alt-svc: h3=":443"; ma=86400
expires: Sun, 26 Nov 2023 22:15:25 GMT

GET
H3 200 logo.gif
www.todawa49.asia/images/common/ 2 KB
3 KB 39ms
39ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/common/logo.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ea8b8e5fb63e30170770409f524bac18a024b210d690fa0db919212269a14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269761
alt-svc: h3=":443"; ma=86400
content-length: 2449
last-modified: Thu, 19 Sep 2019 04:49:56 GMT
server: cloudflare
etag: "5d8308f4-991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBbwz49O%2BolCewKnBA3GjfiyarTkJr8IY4aNYf0WsIWo0aI5jMfDC%2FmBKiCI%2FlW0NHjWnhjkUWaxcnHd8yUnW1rbeg0SmHHp%2BEbjmRe7YeKoYGA6bBzeAzsvp2E4IErEyM7hTN1URFxfQmyOP5uH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c275517b9a3cb3-CDG
expires: Sat, 23 Dec 2023 10:29:34 GMT

GET
H3 200 search.gif
www.todawa49.asia/images/common/ 2 KB
2 KB 28ms
28ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/common/search.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89a06d4661e5607389bec9499b0d799fb723f1319cdb5fd1024fa5d70161075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269761
alt-svc: h3=":443"; ma=86400
content-length: 1782
last-modified: Wed, 18 Sep 2019 05:26:59 GMT
server: cloudflare
etag: "5d81c023-6f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPbtg4HXMslFUT61opix7uxEP7P6F5xdgKYSVb4sWRPa7tzVFgcZ%2FyzygFa1596YYF28nM0%2BRYWuh6GPocsSkVV%2Bzr%2FhgIZEaKrsD5lQvAxZyiLWjvyGxJvK%2B%2BOnXEmkqx5RCLL%2BoFVsAYju0DvvsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c275517b9b3cb3-CDG
expires: Sat, 23 Dec 2023 10:29:34 GMT

GET
H3 200 img_19.png
www.todawa49.asia/images/ 1 KB
2 KB 22ms
22ms Image
image/png 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/img_19.png
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269760
alt-svc: h3=":443"; ma=86400
content-length: 1535
last-modified: Wed, 08 Jun 2022 13:48:46 GMT
server: cloudflare
etag: "62a0a8be-5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV0GmeuZKD2DWrUUR5qbNu8l5E7vAY0TMmHq4dwYtB61nD6%2Fh7L0%2FjSlmCkXsKNiXo8ihNh7qvsWgdP6yL%2Bu%2FaTxllRRI3gx14I7TE8So7fMhrbEA%2BDBauPok4qigldFi1fByaEXrJqePkh1f1FWrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c27551bbd63cb3-CDG
expires: Sat, 23 Dec 2023 10:29:35 GMT

GET bet1_380.jpg
i.keezip.com/ad/ 0
0

GET wn-xg_1.jpg
i.keezip.com/ad/ 0
0

GET ww-ot_m.jpg
i.keezip.com/ad/ 0
0

GET drugpharm_m2.gif
i.keezip.com/ad/ 0
0

GET kakao.jpg
i.keezip.com/ad/ 0
0

GET nulpurn_380.gif
i.keezip.com/ad/ 0
0

GET herbnewming.gif
i.keezip.com/ad/ 0
0

GET filecast_m.gif
i.keezip.com/ad/ 0
0

GET spzhspzh.gif
i.keezip.com/ad/ 0
0

GET sekder.gif
i.keezip.com/ad/ 0
0

GET
H3 200 icon_new.gif
www.todawa49.asia/images/ 511 B
999 B 25ms
25ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/icon_new.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248531
alt-svc: h3=":443"; ma=86400
content-length: 511
last-modified: Thu, 19 Sep 2019 13:42:13 GMT
server: cloudflare
etag: "5d8385b5-1ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVZm9R68ZS6OhewFSPOqLOB3f6FSARwCzuTMVEb7tXrKhiX77kfRCuwi9MmICDylcmkpI82CifpZB43EsUhm7DK%2FfS3gGKeNbJcYzVIVf2CvQIxw1KE1tDkpy4G3s8XjC%2BVLYxbrt3imgViw1pTYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c2755f8d223cb3-CDG
expires: Sat, 23 Dec 2023 16:23:26 GMT

GET
H3 200 icon_nonew.gif
www.todawa49.asia/images/ 1 KB
2 KB 23ms
22ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/icon_nonew.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42446
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Sat, 12 Oct 2019 14:47:22 GMT
server: cloudflare
etag: "5da1e77a-4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgwdoXhDkJp%2Bngh16McfmZDUaTjie5M5isUN%2F2Hyx1e%2Ft6%2BdlsRvtVXRYvXGo0IbVifEYjclr2mXL3JlFbiYELEZIdXdZPQTBf5F8ntoWvstuE5hZsV9heWMnTIGMEk551aFFpatSbBHZT%2BFJXOTQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c2755f8d253cb3-CDG
expires: Tue, 26 Dec 2023 01:38:11 GMT

GET drugpharm2.gif
i.keezip.com/ad/ 0
0

GET bet1_250.jpg
i.keezip.com/ad/ 0
0

GET nulpurn_200.gif
i.keezip.com/ad/ 0
0

GET
H2 200 jquery-3.6.0.slim.js Show response
code.jquery.com/ 230 KB
68 KB 184ms
61ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.js
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6

Request headers

Referer: https://www.todawa49.asia/
Origin: https://www.todawa49.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 26 Nov 2023 13:25:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6202932
x-cache: HIT, HIT
content-length: 68992
x-served-by: cache-lga21921-LGA, cache-fra-eddf8230023-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701005138.681521,VS0,VE0
etag: W/"28feccc0-3974d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1814, 6

GET
H/1.1 200
OK PelicanC.dll Show response
ad.aceplanet.co.kr/cgi-bin/ 2 KB
3 KB 1719ms
279ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Icheon-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 245a8c53f42c2e53081d34a47f2a72c59c05dce5712780f1a9a450b986d66d37

Request headers

Referer: https://www.todawa49.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 26 Nov 2023 13:25:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H2 200 tend.js Show response
js.ad4989.co.kr/common/js/ 35 KB
7 KB 2748ms
358ms Script
application/javascript 101.235.211.24
HCNSEOCHOCATV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend.js
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 101.235.211.24 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software: /
Resource Hash: 1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges: bytes
etag: "616fc340:1aea"
content-length: 6890
content-type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
31 KB 145ms
124ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.aceplanet.co.kr
URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f373da5e65544b405e572e1a7d3c7f94abcabb60c83f9215fd1a5adad63a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31361
x-xss-protection: 0
server: cafe
etag: 168 / 19687 / 31079657 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Nov 2023 13:25:39 GMT

GET
H/1.1 200
OK PelicanC.dll Show response
ad.abchub.site/cgi-bin/ 3 KB
3 KB 830ms
278ms Script
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 76cbb4971d1077b13a4ce3742a67ca8ec5389c1c95553e59b059fe3003fc14a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 26 Nov 2023 13:25:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13707
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 25 Nov 2024 09:37:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 50 B
77 B 56ms
41ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.todawa49.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef6f8aa19bbb62d88e51a6aef56a3f600d837c1df20b7590877269f5ab658ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Sun, 26 Nov 2023 13:25:39 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 293ms
293ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2751447487601998&correlator=3829291172796464&eid=31079660%2C31079666%2C31079668%2C31079657%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21682743634%3A22431107073%2CS011%2Cplaystore%2Cga02%2Cpc%2Cpost_right_bottom_btf_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=www.todawa49.asia&abxe=1&dt=1701005139503&adxs=1268&adys=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=%2F%2Fplay-store.co.kr&loc=https%3A%2F%2Fwww.todawa49.asia%2Fhome.php&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=86950914.1701005140&ga_sid=1701005140&ga_hid=1053657220&ga_fc=false&dlt=1701005135584&idt=3880&adks=2619987900&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c6d24de687213a91e0c48b376060125bc6976055d50b71f422645724ad768a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12918
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.todawa49.asia
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BEE3 6 KB
3 KB 63ms
15ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todawa49.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 13:25:39 GMT
expires: Mon, 25 Nov 2024 13:25:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 85DD 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todawa49.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 13:25:39 GMT
expires: Mon, 25 Nov 2024 13:25:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 85DD 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfcsPU0djZbzOIafn1PIP3J6ggA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAgfENCuTWrI-4AIAqAMByAMCqgSxAk_QWb04ygEnYrukf-nQLQ-C8zsj7Ef4xglfJIxTzj0Bln3UhiyCY9nxX3SNaDCpq4uKydP8hxoCPSardHrjh7KC0vUYwST3ntwa55buU-TaZlyeLy_FvQzdlgGyTd9VyAxtfPge9jC1Vbcq4LOYHDCo7eVUGqb8jbe0YQ8gK13mTqoPwBD2JfaReZ4YFfCegvOQnBV79z0DAE5xXbjJYyYUMm9NgJJswBZ1zE7k9yOHZcwkfcfJ3V4L4Okm3Rbx5sWvjpDwBIPofBuB-ZXhhsPla3KhJBqUAPEuT_dRg02OmI1uWIMwffs5ArkIsgrhiTe_cBGMIqD18pzIXlg8Wq15DcEHI97vTFikuZQH-Vw55NDc1Wti-mxHt400BaXJ-ZW2lldV2Ek_Qd7C2yzfuRPR4AQBgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02OTkxMjcxMTg1MzkzNDUxgAoD-gsCCAGADAHiDRMI2rbp-OHhggMVpzNVCB1cDwjw0BUBgBcBshccChoSFHB1Yi0zNjY1NTc1Njk2Mjk4NzczGNrNaw&sigh=KpCMFTGtfWw&uach_m=%5BUACH%5D&cid=CAQSLgDICaaNDTT6KUljcYofLTtU_jMRCyfDJ37T5r0urCEvXj1fGdDGz-flYvNTGc8YAQ
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 85DD 0
0 55ms
13ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5KDDsc1rAL6AZ2DYgICAAAAhWPcdbBWuzo3sI8tpxDBfBBSR2NlqBgcvySqDRyjrQAAEgAACgpBUVVCQVFFQkFR&wp=ZWNHUwAIZzwIVTOnAAgPXFQEAVEufBbjksuOZg

Requested by

Host: www.todawa49.asia
URL: https://www.todawa49.asia/home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 159889
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6C05 115 KB
41 KB 83ms
57ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWNHUwAIZzwIVTOnAAgPXFQEAVEufBbjksuOZg&u=%7CtD%2BfZhwApikZzWdahuE%2FvRtMxMrmRt8ul1WSS3wOur8%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-xh-pigWfkkp9Iinsxv0hY1BVipphP__qpK5qUwr1Yfs4XaeEbQ8NCFr4hof7Jry99luv_oiJrHOXtMVAfaGXyelvHmAb13q0EXwgxI7ZKjMDTCU3x-xm6Y-_NeHOdEMG8448QlmsF2Uj9H_Y1DbxS4B_h__Wr6QwG-8qIpRMgvkk7C06X9-mKpbEhw7bSbtfiPiEpFHyZmjHhwn9liUrxvJH_6YllxIee_EBMapPhJC-kEzTQph7VNAfZS9Vn0Ly3pmWMXYZ1eHBIEITaOAY1hQ54ZRPcWZqyRt0hlKd50SnkuU2_f5qPAzf4QG2DK4VCxvfEMSnlScaeExQN0dZ-j3n1_L6SxynPMwxgpv0nHofKAnDdaopsR7NovMIV7YhCDGDrA3Qhi37ds39fmroAvRm8_rt39HhJfV9hQ9P6iWQPcW9gIQUh2w632x5f4vFHpB5oPmr3U3Q9_JFyDlZSncVpvAl95BxhzJVmfYRY1-Yo63nXrl_f1NU-NGSZtfzIYRc1vztY9xuvOOIiUWVSzyibaG41HuVnjDXE-OpNym4C5glPF7L7THnwg5qk4sfhBrvXvGFAnExF6zmwEQ03Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BfiU0djZbzOIafn1PIP3J6ggA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAgfENCuTWrI-4AIAqAMByAMCqgS0Ak_QWb04ygEnYrukf-nQLQ-C8zsj7Ef4xglfJIxTzj0Bln3UhiyCY9nxX3SNaDCpq4uKydP8hxoCPSardHrjh7KC0vUYwST3ntwa55buU-TaZlyeLy_FvQzdlgGyTd9VyAxtfPge9jC1Vbcq4LOYHDCo7eVUGqb8jbe0YQ8gK13mTqoPwBD2JfaReZ4YFfCegvOQnBV79z0DAE5xXbjJYyYUMm9NgJJswBZ1zE7k9yOHZcwkfcfJ3V4L4Okm3Rbx5sWvjpDwBIPofBuB-ZXhhsPla3KhJBqUAPEuT_dRg02OmI1uWIMwffs5ArkIsgrhiTe_cBGMIqD18pzIXlg8Wq15DcEHI97vTFikudYF2M65dwDhc7tFIOBnXik6Iq9_87uuFOOd5e_N_sDuw7QVLTM4rieM4AQBgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02OTkxMjcxMTg1MzkzNDUx-gsCCAGADAHiDRMI2rbp-OHhggMVpzNVCB1cDwjw0BUBgBcB%26num%3D1%26sig%3DAOD64_1u8YZiLMUz69Ma9KjLa_0Z22a9-Q%26client%3Dca-pub-3665575696298773%26adurl%3D

Requested by

Host: 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6e791ff4e89957678de3c7fd9ff745437675a6eb9c21643b8087fd5b69d6d25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 13:25:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=50Rs-yuIJeJC8WLsIrvjtkl_eZ592BGDNJTiL4XWHUi4pZzlQnNQcAjKSmIY-GcuV1iV4WQSD4Jl8kj9zrz4kR3U_dww5yHeyP6ez8qp1FFZZgSxqln6DRrVDk0Vk_fnQhlGG2HJgQdoM9GA-riQn8PMpWZRbbE4Awx5QjfofThQxAC5dIpm9vI4lx7VIUnXL-_dJW-zFJwipWyQ19ckcurXF9MKohCNn__pY_0HuYHLle566lpxr2q7BrtAmdFmJAkyuw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 39351787
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 85DD 3 KB
1 KB 34ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 10:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:16:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 85DD 20 KB
9 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 16:17:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 85DD 24 KB
7 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 443776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85DD 202 KB
64 KB 48ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 13:25:39 GMT

GET
DATA 200
OK truncated
/ Frame 85DD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e20fdb0fce06e06aa60b883669382120fb5c77ebf54217f9e622ec2bce43ec08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C05 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWNHUwAIZzwIVTOnAAgPXFQEAVEufBbjksuOZg&u=%7CtD%2BfZhwApikZzWdahuE%2FvRtMxMrmRt8ul1WSS3wOur8%3D%7C&c1=VEd5MTeK-DXZ_xpexaO2-xh-pigWfkkp9Iinsxv0hY1BVipphP__qpK5qUwr1Yfs4XaeEbQ8NCFr4hof7Jry99luv_oiJrHOXtMVAfaGXyelvHmAb13q0EXwgxI7ZKjMDTCU3x-xm6Y-_NeHOdEMG8448QlmsF2Uj9H_Y1DbxS4B_h__Wr6QwG-8qIpRMgvkk7C06X9-mKpbEhw7bSbtfiPiEpFHyZmjHhwn9liUrxvJH_6YllxIee_EBMapPhJC-kEzTQph7VNAfZS9Vn0Ly3pmWMXYZ1eHBIEITaOAY1hQ54ZRPcWZqyRt0hlKd50SnkuU2_f5qPAzf4QG2DK4VCxvfEMSnlScaeExQN0dZ-j3n1_L6SxynPMwxgpv0nHofKAnDdaopsR7NovMIV7YhCDGDrA3Qhi37ds39fmroAvRm8_rt39HhJfV9hQ9P6iWQPcW9gIQUh2w632x5f4vFHpB5oPmr3U3Q9_JFyDlZSncVpvAl95BxhzJVmfYRY1-Yo63nXrl_f1NU-NGSZtfzIYRc1vztY9xuvOOIiUWVSzyibaG41HuVnjDXE-OpNym4C5glPF7L7THnwg5qk4sfhBrvXvGFAnExF6zmwEQ03Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BfiU0djZbzOIafn1PIP3J6ggA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAgfENCuTWrI-4AIAqAMByAMCqgS0Ak_QWb04ygEnYrukf-nQLQ-C8zsj7Ef4xglfJIxTzj0Bln3UhiyCY9nxX3SNaDCpq4uKydP8hxoCPSardHrjh7KC0vUYwST3ntwa55buU-TaZlyeLy_FvQzdlgGyTd9VyAxtfPge9jC1Vbcq4LOYHDCo7eVUGqb8jbe0YQ8gK13mTqoPwBD2JfaReZ4YFfCegvOQnBV79z0DAE5xXbjJYyYUMm9NgJJswBZ1zE7k9yOHZcwkfcfJ3V4L4Okm3Rbx5sWvjpDwBIPofBuB-ZXhhsPla3KhJBqUAPEuT_dRg02OmI1uWIMwffs5ArkIsgrhiTe_cBGMIqD18pzIXlg8Wq15DcEHI97vTFikudYF2M65dwDhc7tFIOBnXik6Iq9_87uuFOOd5e_N_sDuw7QVLTM4rieM4AQBgAaXj53usKe3k4kBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi02OTkxMjcxMTg1MzkzNDUx-gsCCAGADAHiDRMI2rbp-OHhggMVpzNVCB1cDwjw0BUBgBcB%26num%3D1%26sig%3DAOD64_1u8YZiLMUz69Ma9KjLa_0Z22a9-Q%26client%3Dca-pub-3665575696298773%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6C05 2 KB
1 KB 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6C05 308 B
637 B 38ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6C05 293 B
621 B 42ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6C05 43 B
348 B 48ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xmTzF7Y2picv2iR_mUhy6y9BkplNZ4AvSP9LeZtQ1ej3yKDNKyHxCsYU0pJ1eKONFlbOK2Q3QdBWvnvRuMHjV26Sg00WR7hCXj4xBzgbsX01LhqP1P3B-yMSwKgtcA5ZoXflCXBh5FHIxnfVY6rWOurylGV-6pDCmkCYp-q_t_NcgtAIAoV89Z6y4lh2KgHmfC4Pg_iNHNGBis9llZt6_V9dYzShcGVRufgyP37E6cnb20ZuVCKBvCxggyg6RZYdQzq7vJ8AHXrPPHuv1ldm15DdHrByd0quhJb3aHkWT6E-5ZPb-b_iF9RTT-X1nALr46nUgIauo57LlmT73paawctJ5yAGtwO8eZt_UotutJSLdM41KrpVqsJW-21nIFZLiHj28JOmcEdImoO540v93XBzzy7TtHEv7UGSLh1ms9Y_UIjU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1839513
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6C05 12 KB
5 KB 28ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2181974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcWorYTqxAFBMGRNtP1I13OzcaxhWRWYGx734W%2BKxGLOSOwC8oUO9wihQtsMpEiOVrCFL2Nhicerdh61jBAENfp4CpuI6fNDlWNFlTSumvTHYVHtad%2B5tLlhHWbLOkDdiinaBJP2J3hPpzi8Mu0z9YDz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82c2756cdaa93814-FRA
expires: Fri, 15 Nov 2024 13:25:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6C05 12 KB
6 KB 46ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C05 17 KB
17 KB 70ms
33ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=23367&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F17830%2F220113%2F120f42c3c86e4d00b9732aa7e7e2ac8d_logo_colorset_3_horizontal.png&v=3&w=596&rid=4&s=XSJ5wo1SKcpAIjf8ArQKHLP0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9d9cb97224d43dc2d5a2488c4d510ac38168d74053b0e0bb9d8da163d917ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17131
expires: Sun, 03 Nov 2024 05:17:01 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C05 14 KB
14 KB 61ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23367&q=80&r=0&u=https%3A%2F%2Fassets.documents.cimpress.io%2Fv2%2Ffulfillers%2F123815948%2Fcompositions%2F9f40940e-fa2e-4ed5-84be-11f2dd7448d9%2Fassets%2F0017ac1c-84ce-45c4-8da4-a7a5f924acce&v=3&w=400&rid=4&s=fgxpbrOU-eXpJBrWqwEZ80nW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a4e1a96480aad8f5822c3dbcdbe484138768547e917df152e99c32929555649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 14310
expires: Wed, 29 Nov 2023 09:18:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C05 12 KB
13 KB 65ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=23367&q=80&r=0&u=https%3A%2F%2Fuploads.documents.cimpress.io%2Fv1%2Fuploads%2F02023a94-09b0-4a0e-a2ec-dfb3d8786bf5~110%2Foriginal%3Ftenant%3Dnational-pen&v=3&w=400&rid=4&s=0ChyKd1nUg7dLv_cYVERXNCI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7ff69b4c0af1dded8d41280a30604b63aa0e71c9a67314e1eca181a45528b8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
timing-allow-origin: *
content-length: 12794
expires: Mon, 27 Nov 2023 05:21:03 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6C05 0
128 B 59ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=50Rs-yuIJeJC8WLsIrvjtkl_eZ592BGDNJTiL4XWHUi4pZzlQnNQcAjKSmIY-GcuV1iV4WQSD4Jl8kj9zrz4kR3U_dww5yHeyP6ez8qp1FFZZgSxqln6DRrVDk0Vk_fnQhlGG2HJgQdoM9GA-riQn8PMpWZRbbE4Awx5QjfofThQxAC5dIpm9vI4lx7VIUnXL-_dJW-zFJwipWyQ19ckcurXF9MKohCNn__pY_0HuYHLle566lpxr2q7BrtAmdFmJAkyuw&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 13:25:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C05 2 KB
1 KB 30ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6C05 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 poppins-400.css
static.criteo.net/design/googlefont/poppins/ Frame 6C05 1 KB
714 B 20ms
19ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 poppins-700.css
static.criteo.net/design/googlefont/poppins/ Frame 6C05 1 KB
714 B 22ms
21ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:40 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d8-405"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 6C05 2 KB
900 B 21ms
20ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:39 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 6C05 2 KB
899 B 22ms
22ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:40 GMT

GET
H2 200 poppins-400-latin.woff2
static.criteo.net/design/googlefont/poppins/ Frame 6C05 8 KB
8 KB 43ms
16ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/poppins/poppins-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/poppins/poppins-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/poppins/poppins-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0d7-1ecc"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:40 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 6C05 16 KB
17 KB 56ms
29ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 20 Nov 2024 13:25:40 GMT

GET
H/1.1 200
OK PelicanC.dll Show response
ad.aceplanet.co.kr/cgi-bin/ 2 KB
3 KB 278ms
278ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Icheon-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 245a8c53f42c2e53081d34a47f2a72c59c05dce5712780f1a9a450b986d66d37

Request headers

Referer: https://www.todawa49.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 26 Nov 2023 13:25:40 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H3 200 main_bg.gif
www.todawa49.asia/images/common/ 1 KB
2 KB 23ms
23ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/common/main_bg.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/css/common.css?v5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5ce83a1abacd834f7e44a3be40475fdbb8034a7a1f1da33ab6ad985d0b94a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/css/common.css?v5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248534
alt-svc: h3=":443"; ma=86400
content-length: 1215
last-modified: Wed, 18 Sep 2019 07:12:58 GMT
server: cloudflare
etag: "5d81d8fa-4bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hSV1gWEwSy30C9RrLE9VGssRPyJsiSyDhLInYtkZ%2F%2F1hN1Ox8t3I2aSJJSnKZJ0Vct2AEYsoTcTi7A1acGMTYbbRdWw6MjgGhuyhrkZfQos1A9hapV4Rn0EcqZE27444SKBSM5ah4QlKSWzh85b4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c2756f89da3cb3-CDG
expires: Sat, 23 Dec 2023 16:23:26 GMT

GET
H3 200 more.gif
www.todawa49.asia/images/main/ 1 KB
2 KB 24ms
24ms Image
image/gif 2606:4700:3030::ac43:bdab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa49.asia/images/main/more.gif
Requested by: Host: www.todawa49.asia
URL: https://www.todawa49.asia/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:bdab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7985a42dd917c9daf4cd2288e298caab5320df9927ee0ccdf43fed99f2cacf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa49.asia/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42449
alt-svc: h3=":443"; ma=86400
content-length: 1192
last-modified: Wed, 18 Sep 2019 05:26:59 GMT
server: cloudflare
etag: "5d81c023-4a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frmwllE2D01U4ShIG0wJiIe8uXJxJ7fpEiYxXNh5s3OAiekiny%2BZOMar8YeUdujxBYVa6yFc9w4ytpTeJK8LtHH1WoJ4bFnU29KewQd0Y077WVz7RlCfhJsr%2FrB6RwQMKAfhjlTYFASLISkxVlF%2FlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82c2756f89dc3cb3-CDG
expires: Tue, 26 Dec 2023 01:38:11 GMT

GET
H/1.1 200
OK WebLog.dll Show response
engine.tend-table.com/cgi-bin/ Frame 12E3 566 B
669 B 1160ms
280ms Document
text/html 220.117.190.132
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNDkuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1701005140590
Requested by: Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 29bfc223a13545aff9adec8faec0c644c7a642415c15ee3a73a0d3349dcb83c3

Request headers

Referer: https://www.todawa49.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Date: Sun, 26 Nov 2023 13:25:41 GMT
Server: Microsoft-IIS/10.0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85DD 42 B
404 B 65ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHE6m7IAToS9JZiNryjvyCRhBz_1qQB2kySDvEZi1iKQJ65gmJwOwXPApTp2nq1VJ35wAV272lxWzWB89Z7x-QuaCqxIyte3ruB22on3VhtGYiA64a&sig=Cg0ArKJSzK_Ox9bi1widEAE&id=lidar2&mcvt=1000&p=926,1268,1176,1568&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2619987900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701005139817&rpt=121&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 13:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6C05 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 13:25:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 tend_child.js Show response
js.ad4989.co.kr/common/js/ Frame 12E3 14 KB
4 KB 382ms
382ms Script
application/javascript 101.235.211.24
HCNSEOCHOCATV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend_child.js
Requested by: Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNDkuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1701005140590
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 101.235.211.24 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software: /
Resource Hash: 825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engine.tend-table.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:25:40 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges: bytes
etag: "5e539ef6:1164"
content-length: 4452
content-type: application/javascript

GET
H/1.1 200
OK WebLog.dll Show response
engine.tend-table.com/cgi-bin/ Frame 12E3 79 B
391 B 279ms
279ms Script
text/html 220.117.190.132
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cHM6Ly93d3cudG9kYXdhNDkuYXNpYS9ob21lLnBocA==&inflow=&query=&lang=utf-8&cookieval=&tm=1701005142229&jquerycallback=foinCookie.setReferrer_local
Requested by: Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 220.117.190.132 Gangnam-gu, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNDkuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1701005140590
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma: no-cache
Date: Sun, 26 Nov 2023 13:25:42 GMT
Cache-Control: no-cache
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H/1.1 200
OK pelicanc.dll Show response
ad.abchub.site/cgi-bin/ Frame 2318 0
372 B 821ms
274ms Document
text/html 221.165.139.2
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.abchub.site/cgi-bin/pelicanc.dll?adservicename=VLD&name=FOIN_CATEGORY&method=set&data=&encode_yn=N&copy_yn=Y&tm=1701005142510
Requested by: Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend_child.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 221.165.139.2 Osan, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engine.tend-table.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-type: text/html
Date: Sun, 26 Nov 2023 13:25:43 GMT
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Server: Microsoft-IIS/10.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.keezip.com
URL: https://i.keezip.com/ad/bet1_380.jpg

Domain: i.keezip.com
URL: https://i.keezip.com/ad/wn-xg_1.jpg

Domain: i.keezip.com
URL: https://i.keezip.com/ad/ww-ot_m.jpg

Domain: i.keezip.com
URL: https://i.keezip.com/ad/drugpharm_m2.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/kakao.jpg

Domain: i.keezip.com
URL: https://i.keezip.com/ad/nulpurn_380.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/herbnewming.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/filecast_m.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/spzhspzh.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/sekder.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/drugpharm2.gif

Domain: i.keezip.com
URL: https://i.keezip.com/ad/bet1_250.jpg

Domain: i.keezip.com
URL: https://i.keezip.com/ad/nulpurn_200.gif

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad.abchub.site/	1970-01-20 16:50:47	Name: FOIN_REF1 Value: https://www.todawa49.asia/
ad.abchub.site/	1970-01-21 02:06:05	Name: HEAD Value: 021050TwiqCxg
ad.aceplanet.co.kr/	1970-01-20 16:50:47	Name: FOIN_REF1 Value: https://www.todawa49.asia/
ad.aceplanet.co.kr/	1970-01-21 02:06:05	Name: HEAD Value: 021050TwiqDNw
.todawa49.asia/	1970-01-21 01:51:41	Name: __gads Value: ID=ebde25c410ab21e7:T=1701005139:RT=1701005139:S=ALNI_MZXDWWCdWNF6Cn7FSOVz5hJsIW9_w
.doubleclick.net/	1970-01-21 01:51:41	Name: IDE Value: AHWqTUkuPLvpJOoknBskHKxQu5XW5p7QVYiTssL8_qUiMda9fvMavr6ZcbQT4I2HbfU
engine.tend-table.com/	1970-01-21 02:06:05	Name: HEAD Value: 010050TwiqE3s
engine.tend-table.com/	1970-01-20 17:13:17	Name: FOIN_CATEGORY1 Value:
ad.abchub.site/	1970-01-20 16:50:47	Name: FOIN_CATEGORY1 Value:

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.keezip.com/ad/bet1_380.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://i.keezip.com/ad/wn-xg_1.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/ww-ot_m.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/drugpharm_m2.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/kakao.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/nulpurn_380.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/herbnewming.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/filecast_m.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/spzhspzh.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/sekder.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://i.keezip.com/ad/drugpharm2.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
other	warning	URL: https://280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://i.keezip.com/ad/bet1_250.jpg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

280a507142811b94445f17cb4bfaceac.safeframe.googlesyndication.com
ad.abchub.site
ad.aceplanet.co.kr
ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
code.jquery.com
csm.eu.criteo.net
engine.tend-table.com
i.keezip.com
imageproxy.eu.criteo.net
js.ad4989.co.kr
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
todawa47.asia
tpc.googlesyndication.com
www.googletagservices.com
www.todawa49.asia
i.keezip.com
101.235.211.24
178.250.1.6
211.226.25.200
220.117.190.132
221.165.139.2
2606:4700:3030::ac43:bdab
2606:4700:3032::ac43:bc67
2606:4700::6811:190e
2a00:1450:4001:802::2001
2a00:1450:4001:803::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a04:4e42:200::649
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
099cb2b3f532320be872a078895b38c7c329dc913a9b31133ecbfb760868370d
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904
1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6
245a8c53f42c2e53081d34a47f2a72c59c05dce5712780f1a9a450b986d66d37
29bfc223a13545aff9adec8faec0c644c7a642415c15ee3a73a0d3349dcb83c3
308052b1bf48d457ff68c33a498c882f75beaae17118485be2dd3163fe0c7c11
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d322485983f9bf6aa843345c3eb6dcc06b6d60555c849a778133ac335aa4251
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52c6d24de687213a91e0c48b376060125bc6976055d50b71f422645724ad768a
5e5ce83a1abacd834f7e44a3be40475fdbb8034a7a1f1da33ab6ad985d0b94a2
64a0c38e91767fafc305dc34e65c52834e5d4772cd3a4c17a7662b0981055ff7
66ea8b8e5fb63e30170770409f524bac18a024b210d690fa0db919212269a14a
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6e791ff4e89957678de3c7fd9ff745437675a6eb9c21643b8087fd5b69d6d25b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72855f862df04b84b9755977382129f3f7f22f188f02686807e0eb5df1916155
76cbb4971d1077b13a4ce3742a67ca8ec5389c1c95553e59b059fe3003fc14a6
79f373da5e65544b405e572e1a7d3c7f94abcabb60c83f9215fd1a5adad63a39
7daa38592e6029ec25860829e7d61ef3e7d547b18ebc2ad4a04b37f5c37c268f
7ff69b4c0af1dded8d41280a30604b63aa0e71c9a67314e1eca181a45528b8cd
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87
8a4e1a96480aad8f5822c3dbcdbe484138768547e917df152e99c32929555649
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3f23333f71d0d99e810d428517a119f05cefbdc56272db5a3945a4e1e6d9069
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ae18c6dd210db9e164ab3b6a9b64ded581f8981a819eb70c4cc05779913c1782
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
bf0d6da2b17b813749a8b61047b209827603fb1fdff3ef336df7e67fe16aefe9
cf18a9ed9a6aa889d227de181fe071fe47062764cacd90c4423b81b6bbbee834
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7
e20fdb0fce06e06aa60b883669382120fb5c77ebf54217f9e622ec2bce43ec08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7985a42dd917c9daf4cd2288e298caab5320df9927ee0ccdf43fed99f2cacf2
e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5
ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6f8aa19bbb62d88e51a6aef56a3f600d837c1df20b7590877269f5ab658ff6
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f89a06d4661e5607389bec9499b0d799fb723f1319cdb5fd1024fa5d70161075
f9d9cb97224d43dc2d5a2488c4d510ac38168d74053b0e0bb9d8da163d917ffd

www.todawa49.asia Open in urlscan Pro 2606:4700:3030::ac43:bdab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

81 %HTTPS

74 %IPv6

14 Domains

20 Subdomains

19 IPs

4 Countries

520 kBTransfer

1411 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.todawa49.asia Open in urlscan Pro
2606:4700:3030::ac43:bdab Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

81 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

19
IPs

4
Countries

520 kB
Transfer

1411 kB
Size

9
Cookies

70 HTTP transactions
1 data transactions