m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.xuite.net/photo/giftcn
Submission: On April 26 via manual (April 26th 2023, 4:31:06 am UTC) from IN — Scanned from DE

Summary HTTP 259 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 26 domains to perform 259 HTTP transactions. The main IP is 2001:b000:1c9:7600:0:a:d23d:3827, located in Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is m.xuite.net. The Cisco Umbrella rank of the primary domain is 778203.
TLS certificate: Issued by on May 19th 2022. Valid for: a year.

This is the only time m.xuite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 19	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3827	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
7	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:382a	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3831	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3822	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	108.138.17.30 108.138.17.30	16509 (AMAZON-02) (AMAZON-02)
18	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3818	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	2001:b000:1c9... 2001:b000:1c9:7600:0:a:d23d:3826	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1 1	54.70.8.72 54.70.8.72	16509 (AMAZON-02) (AMAZON-02)
1	108.156.208.43 108.156.208.43	16509 (AMAZON-02) (AMAZON-02)
15	203.75.213.47 203.75.213.47	3462 (HINET Dat...) (HINET Data Communication Business Group)
53	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:1755	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	52.163.200.170 52.163.200.170	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	211.21.190.218 211.21.190.218	3462 (HINET Dat...) (HINET Data Communication Business Group)
30	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	() ()
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	() ()
2 2	18.198.82.46 18.198.82.46	() ()
5	142.250.74.194 142.250.74.194	() ()
1 1	185.29.134.248 185.29.134.248	() ()
1 1	85.114.159.118 85.114.159.118	() ()
1 1	51.75.86.98 51.75.86.98	() ()
259	35

19 2001:b000:1c9:7600:0:a:d23d:3827 (Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)

m.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:b000:1c9:7600:0:a:d23d:382a (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

img.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatar.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:b000:1c9:7600:0:a:d23d:3831 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:b000:1c9:7600:0:a:d23d:3822 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)

photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-30.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2001:b000:1c9:7600:0:a:d23d:3818 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

4.share.photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8.share.photo.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:b000:1c9:7600:0:a:d23d:3826 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

my.xuite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.8.72 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-8-72.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.208.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-208-43.dfw56.r.cloudfront.net

a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 203.75.213.47 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1755 (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.163.200.170 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.21.190.218 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.82.46 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.194 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	googlesyndication.com ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com Failed pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com	624 KB
55	xuite.net 4 redirects m.xuite.net — Cisco Umbrella Rank: 778203 img.xuite.net — Cisco Umbrella Rank: 576880 xuite.net — Cisco Umbrella Rank: 247538 photo.xuite.net — Cisco Umbrella Rank: 468394 avatar.xuite.net 4.share.photo.xuite.net my.xuite.net 8.share.photo.xuite.net	920 KB
37	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net	691 KB
19	hinet.net ssp.hinet.net — Cisco Umbrella Rank: 73151 t.ssp.hinet.net — Cisco Umbrella Rank: 73778 ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net	30 KB
18	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930	5 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	106 KB
8	tenmax.io ssp.tenmax.io — Cisco Umbrella Rank: 117601 dmp.tenmax.io — Cisco Umbrella Rank: 139577	9 KB
7	google.de adservice.google.de — Cisco Umbrella Rank: 5261 www.google.de — Cisco Umbrella Rank: 3425	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	219 KB
6	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 109579	15 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 322	110 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	121 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	5 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	126 KB
2	cacafly.net tenmax-static.cacafly.net — Cisco Umbrella Rank: 125750	82 KB
2	cloudfront.net d31qbv1cthcecs.cloudfront.net a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net	2 KB
1	onetag-sys.com 1 redirects onetag-sys.com	338 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	586 B
1	mathtag.com 1 redirects sync.mathtag.com	876 B
1	quantserve.com cms.quantserve.com	465 B
1	a2z.com 1 redirects redirect.prod.experiment.routing.cloudfront.aws.a2z.com	138 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	21 KB
0	alexametrics.com Failed certify.alexametrics.com Failed
259	26

	Domain	Requested by
31	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.xuite.net 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com pagead2.googlesyndication.com 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com m.xuite.net 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
22	securepubads.g.doubleclick.net	ssp.hinet.net securepubads.g.doubleclick.net m.xuite.net www.googletagservices.com 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
19	m.xuite.net	2 redirects m.xuite.net
17	4.share.photo.xuite.net	m.xuite.net
15	ssp.hinet.net	ad.sitemaji.com ssp.hinet.net m.xuite.net code.jquery.com
10	www.gstatic.com	googleads.g.doubleclick.net
10	www.google.com	1 redirects tpc.googlesyndication.com m.xuite.net googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	m.xuite.net pagead2.googlesyndication.com googleads.g.doubleclick.net
6	ssp.tenmax.io	tenmax-static.cacafly.net m.xuite.net
6	www.googletagservices.com	securepubads.g.doubleclick.net tenmax-static.cacafly.net 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	ad.sitemaji.com	m.xuite.net ad.sitemaji.com
6	my.xuite.net	m.xuite.net img.xuite.net
6	img.xuite.net	m.xuite.net img.xuite.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	xuite.net	1 redirects m.xuite.net
4	code.jquery.com	m.xuite.net ssp.hinet.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com m.xuite.net
3	t.ssp.hinet.net	m.xuite.net t.ssp.hinet.net
3	cdnjs.cloudflare.com	m.xuite.net
3	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	img.xuite.net www.googletagmanager.com
2	dmp.tenmax.io	m.xuite.net
2	tenmax-static.cacafly.net	m.xuite.net tenmax-static.cacafly.net
1	onetag-sys.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	8.share.photo.xuite.net	m.xuite.net
1	ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net	m.xuite.net
1	www.google.de	m.xuite.net
1	fonts.gstatic.com	fonts.googleapis.com
1	3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net	m.xuite.net
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	1 redirects
1	avatar.xuite.net	m.xuite.net
1	d31qbv1cthcecs.cloudfront.net	m.xuite.net
1	photo.xuite.net	1 redirects
1	cdn.jsdelivr.net	m.xuite.net
0	ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com Failed	securepubads.g.doubleclick.net
0	certify.alexametrics.com Failed	m.xuite.net
259	49

This site contains links to these domains. Also see Links.

Domain
blog.xuite.net
xuite.net
chts.tw
vlog.xuite.net
my.xuite.net
line.naver.jp
www.facebook.com
twitter.com
www.xuite.net
www.hinet.net
www.cht.com.tw

Subject Issuer	Validity	Valid
*.xuite.net	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.share.photo.xuite.net	`2023-04-12` - `2024-04-12`	a year	crt.sh
feebee.com.tw R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.ssp.hinet.net	`2022-09-27` - `2023-09-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2023-01-30` - `2024-02-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://m.xuite.net/photo/giftcn
Frame ID: 2605DEE442384E2C831C2F02BF6716E8
Requests: 102 HTTP requests in this frame

Frame: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
Frame ID: 5F0ED67AFBCEB885F12B64642270C526
Requests: 1 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/app.js
Frame ID: C0BED84ECEF9368D5981DA776BD11114
Requests: 4 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 774257312596E865B0BE4FE61A8FD34F
Requests: 14 HTTP requests in this frame

Frame: https://ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 28B093CD1D9632005DE83058BED9C8D8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn-LjJ1JebdTTtBGL8xQ448_09YF22n8a8c8rSZzpkJNPpDTBtRVAD3XbkXDoYavD_RMBOZNIGUiMMvmyQj6q9izil3vNIm4yDpoDLgAAfLWibi0QFabYyPIrlB-TuQJSPtrlM4X51Ng7BCNvOfTYCK8cTT5PM69CrsKU9Mv7D6D1OepnfXugJ_wsdkyrYhKv6vOx-upYpco6asAjUuBfiCzZmjnMxzcgEzmdUkLqyv7NahY1hPzUlhwXl9fqHN0WgO2TJ5y_5TKRo0wMEQ8O8xWHMVTHxSRh8iZ4bYjLKNQoRlgoXlPnxIDB7uX_x3oQ6qIqNQsrV&sai=AMfl-YSrT1Xv68KaQ9L5YdF6Qjr-5TktXc6rigXrSn7xpe_2MMbjeojOWZzVvhctYbLi4C1BB7LHlfGLPQbBvGLUDGfv5TidkRUuMa2Aw8E69Uiy10yTg9KU6pz8viqQrqwGm7SM6bXMPiSV5emwGZOd&sig=Cg0ArKJSzAA0hgPNiCkuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 20C3F2F59F0F857757735794121BE9F8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D11EF75E39A386568A29E677A1441672
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B25C503589B2B2127C48E5AA7ACE46F6
Requests: 2 HTTP requests in this frame

Frame: https://3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A66C1847E265145603EF9D549528526B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 538A89741963CC845295A925926D13A7
Requests: 15 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=FltgT&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3DFltgT%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=undefined
Frame ID: 9809452F1EA3D3D929B30CC4EAA32F48
Requests: 2 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 73268CA31EB9357C3ACA9F6F4BAB44D4
Requests: 9 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 89C21CB9D5BF3B6CE1EA916B311ABD40
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5CC856A94B7A65D766FD3C498216B81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E52485CAFCC0FE76F6A1E60436B9564
Requests: 2 HTTP requests in this frame

Frame: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9BF5A26AAB271E7C23155FF261480080
Requests: 1 HTTP requests in this frame

Frame: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 73CDB6903B8A024A1621497C91CE3460
Requests: 11 HTTP requests in this frame

Frame: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 90BCD5C50CA13D4D89ABD38CED8104F1
Requests: 1 HTTP requests in this frame

Frame: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 00BE9C7513C64757E0DB56CEE75CDB50
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52579F6328A8DF43DA48A997A5BE12AC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC080CA56037D3DD9EA2F28E72AE0BB6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: B166501A904BC618B958263D5D51146F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F0552FA5AAE53F1C5F043DC98B90340
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A196CC756C86DC9A12635375EEFA85C9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=3407277752&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=4&bdt=181&idt=160&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&nras=1&correlator=3155737722588&frm=8&ife=1&pv=2&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&fsapi=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.oealozbwolze&fsb=1&dtd=187
Frame ID: 05FF31832FCDF93D1F5615FD100A89AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862041&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=2&bdt=182&idt=167&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3155737722588&frm=8&ife=1&pv=1&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8io6i16s3sqr&fsb=1&dtd=201
Frame ID: 58EE3E4CA6A5D224F79AE47ABAFBDB94
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=3407277753&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=4&bdt=170&idt=250&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&nras=1&correlator=1587344582571&frm=8&ife=1&pv=2&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&fsapi=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.2iu2vbwvq5yf&fsb=1&dtd=292
Frame ID: C429313B6CAD1107FBCF9314D2C622F3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9372393AB026231382031B74D6AF0726
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DF1145862FAEFD88D4E641D7956C301
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331
Frame ID: ABA6CC80A4FFE65260C8F4866EF86380
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4785245A54DE002241F0F1E4A7CA24D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CC637530F71C1B8826AEA11FECFFA69
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 148ABC93E40ACB9A51E3657F8773057C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 75C4948B036E321A29A9D6B69447B8CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C53321EC10CA2EAD0FFE6024DE5CFD4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

giftcn的相簿 @ 隨意窩 Xuite 相簿

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

259
Requests

95 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

35
IPs

6
Countries

3107 kB
Transfer

8241 kB
Size

22
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.xuite.net/xuite.net/xuite/590728109
Title: 7z檔解壓縮教學

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite/590728046
Title: 影音匯出下載教學

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite/590728303
Title: 相簿匯出下載教學

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite/590649543
Title: 日誌匯出下載教學

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite/590786488
Title: 《公告》提醒您！隨意窩將於112年5月1日進唯讀模式

Search URL Search Domain Scan URL

URL: https://chts.tw/VnYfzt
Title: 檔案下載不夠放嗎？聰明選擇看這邊！中華電信Google One年約方案月付銅板價，輕鬆守住荷包放大空間！

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite/63078172
Title: more

Search URL Search Domain Scan URL

URL: https://vlog.xuite.net/live/ftvtv?utm_source=xuite&utm_medium=bn&utm_content=angel

Search URL Search Domain Scan URL

URL: https://my.xuite.net/service/event/my/for_blog_event_angel.php?showType=online
Title: 更多

Search URL Search Domain Scan URL

URL: https://line.naver.jp/R/msg/text/?%20%0D%0Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn%20%5BXuite%E9%9A%A8%E6%84%8F%E7%AA%A9%5D

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?url=https%3Ahttps%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn

Search URL Search Domain Scan URL

URL: https://www.xuite.net/service/report/report.html
Title: 檢舉

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/xuite.net/xuite
Title: 站長日誌

Search URL Search Domain Scan URL

URL: http://www.hinet.net/copyright.html
Title: 著作權保護

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/consumer/membership_terms
Title: 會員條款

Search URL Search Domain Scan URL

URL: http://www.hinet.net/kid.html
Title: 兒童網路安全

Search URL Search Domain Scan URL

URL: http://www.hinet.net/classify2.html
Title: 網站及平臺內容管理措施

Search URL Search Domain Scan URL

URL: https://www.hinet.net/
Title: HiNet 首頁

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://photo.xuite.net/@login?furl=/@ack HTTP 302
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336 HTTP 302
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Request Chain 36

https://m.xuite.net/img/V2/articlelist-default-bg.jpg HTTP 302
https://my.xuite.net/error.php?ecode=404

Request Chain 42

https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
https://a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net/test.png

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 148

https://m.xuite.net/photo/undefined HTTP 302
https://my.xuite.net/error.php?channel=www&ecode=Nodata

Request Chain 236

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu1ppBuYi4Ysw1vHLYwVDcTWgoliX2TQOKwVM5u-RSkdFE3xHTUz4dPXYY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu1ppBuYi4Ysw1vHLYwVDcTWgoliX2TQOKwVM5u-RSkdFE3xHTUz4dPXYY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BEdGNNZnQxUFJ3TzU1&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu1ppBuYi4Ysw1vHLYwVDcTWgoliX2TQOKwVM5u-RSkdFE3xHTUz4dPXYY

Request Chain 237

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECh6gLoYH_lUUEHS5iQaRN4&google_cver=1&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8dVYDGE09NMpzuX-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8dVYDGE09NMpzuX-8

Request Chain 238

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA7SRLgCTqv3X1QG0wr-qJk&google_cver=1&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9jlXjSXq98znlvRkGg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjIxMTQ1ODI0ODE0NTA0Mw%3D%3D&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9jlXjSXq98znlvRkGg

Request Chain 239

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELAV7oqr26H1Q9m03xmN9Q4&google_cver=1&google_push=ATf1kGOuv4GJvYp3KADMvVqtklECC6EwNNDKf7R8Pj8GgoIUoCpkRXcNylLVg26_oy0zMZLrSXt8zM1kR7Xqu5_lE5ayMqWjP5avfqM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuv4GJvYp3KADMvVqtklECC6EwNNDKf7R8Pj8GgoIUoCpkRXcNylLVg26_oy0zMZLrSXt8zM1kR7Xqu5_lE5ayMqWjP5avfqM&google_hm=eS13cUJxZFJWRTJwSGtkVFFFVFp2cVFYSHhMRG5UdDZzc35B

Request Chain 240

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAsy6MarxDzqJNGp86MD7ds&google_cver=1&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4RybcGA__fTvnpeprOxJRuf_M4U HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAsy6MarxDzqJNGp86MD7ds&google_cver=1&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4RybcGA__fTvnpeprOxJRuf_M4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0OTg4MzE4NzA1NTM4MDMyMw&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4RybcGA__fTvnpeprOxJRuf_M4U

Request Chain 241

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELIyrxePADNAXA2dlodUDMY&google_cver=1&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6eqpbq-hxVUmrgXzs7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6eqpbq-hxVUmrgXzs7Q

259 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request giftcn Show response
m.xuite.net/photo/ 25 KB
11 KB 2024ms
694ms Document
text/html 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

55dcf16a3b1684b1a7100e7281c19551d0c01c889cd8e81dd633ee20355806ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Wed, 26 Apr 2023 04:30:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: m-03
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H2 200 jquery.mobile-1.4.5.min.css
code.jquery.com/mobile/1.4.5/ 203 KB
24 KB 43ms
10ms Stylesheet
text/css 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.min.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:47 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-32a69"
vary: Accept-Encoding
x-hw: 1682483447.dop231.fr8.t,1682483447.cds219.fr8.hn,1682483447.cds052.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24849

GET
H/1.1 200
OK custom.css
img.xuite.net/_v_2.2021.02.24/_css/my/ 508 B
706 B 873ms
288ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_css/my/custom.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 08:30:05 GMT
Server: Lighttpd
Host: img-01
ETag: W/"613b178d-1fc"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 25 Apr 2024 04:30:47 GMT

GET
H/1.1 200
OK idledialog.css
img.xuite.net/_v_2.2021.02.24/_css/xui/ 3 KB
1 KB 877ms
287ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_css/xui/idledialog.css
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: 11d575c2cf05f9d0b10907559c4ab8df9254d2f23bde2b24fedcc611779394b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Jun 2022 07:27:56 GMT
Server: Lighttpd
Host: img-01
ETag: W/"62ac2cfc-ad1"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 25 Apr 2024 04:30:47 GMT

GET
H/1.1 200
OK fontawesome-all.min.css
m.xuite.net/css/V2/ 34 KB
9 KB 300ms
299ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/fontawesome-all.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-87ae"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK bootstrap-front.css
m.xuite.net/css/V2/ 150 KB
33 KB 1152ms
1150ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/bootstrap-front.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-257d2"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK sal.css
m.xuite.net/css/V2/ 7 KB
2 KB 599ms
298ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/sal.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-1d78"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK swiper.min.css
m.xuite.net/css/V2/ 13 KB
5 KB 862ms
288ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/swiper.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-3563"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK screen.css
m.xuite.net/css/V2/ 47 KB
9 KB 870ms
294ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/screen.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

9ac0eb7eb5813ad3a082734f295f95fa59e6cbe8b1ff48e4bdb3de2b6eeae2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 08:01:45 GMT
Server: Apache
Host: m-02
ETag: W/"61b06669-bd43"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 119 KB
21 KB 36ms
19ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1713928
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA, cache-yyz4537-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1da71-sJcv3M6C/Vg9TCzMPy4990BKGdA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24xPpB3seQuPKXBU11GX4%2FgRgKQjfos0Yo07f%2BOX0y74kW9cyI4%2FaGZ59aaVa%2FZSuAHIa%2FEum22899xyptiMpi4bzKoAA53FVeSs37ru%2FiQPiZEa9ZJbmAvrvGUj0gSGAozAz%2BkfxZvQdhrgbd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7bdc17a92b948fd1-FRA

GET
H/1.1 200
OK nftmywall.css
m.xuite.net/css/V2/ 4 KB
2 KB 1945ms
1366ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/nftmywall.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

82e489102b53928b74f6822a8be9f03c7c974e26096c55d4832c61b13baa7771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Jun 2022 03:39:59 GMT
Server: Apache
Host: m-02
ETag: W/"62ba780f-11c8"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:48 GMT

GET
H/1.1 200
OK nftinfo.css
m.xuite.net/css/V2/ 3 KB
2 KB 889ms
292ms Stylesheet
text/css 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/css/V2/nftinfo.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

d9a711216bb3a73145b689a5455848b75413343208372f526d9b6d9e6bf324fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 28 Jun 2022 03:39:59 GMT
Server: Apache
Host: m-01
ETag: W/"62ba780f-d68"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: text/css
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK jquery.min.js Show response
m.xuite.net/js/V2/ 85 KB
35 KB 1196ms
598ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/jquery.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:47 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-03
ETag: W/"613edceb-15283"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:47 GMT

GET
H/1.1 200
OK swiper.min.js Show response
m.xuite.net/js/V2/ 136 KB
43 KB 1881ms
1880ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/swiper.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: W/"613edceb-21fb7"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:49 GMT

GET
H/1.1 200
OK search.png
xuite.net/include/reboot/images/ 2 KB
3 KB 1178ms
300ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xuite.net/include/reboot/images/search.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Apache /
Resource Hash: 04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:53 GMT
Last-Modified: Tue, 24 Mar 2020 04:30:01 GMT
Server: Apache
Host: www-01
ETag: "5e798cc9-970"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=3456000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2416
Expires: Mon, 05 Jun 2023 04:30:53 GMT

GET
H/1.1

200
OK

miniLogin.php
xuite.net/members/ Frame 5F0E
Redirect Chain

https://photo.xuite.net/@login?furl=/@ack
https://xuite.net/index.php?notify=1&final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessi...
https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26se...

0
0

291ms
291ms

Document
text/html

2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Wed, 26 Apr 2023 04:30:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: www-02
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Allow: GET, POST
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Wed, 26 Apr 2023 04:30:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Host: www-02
Location: https://xuite.net/members/miniLogin.php?final=https%3A%2F%2Fmember.xuite.net%2FHiReg%2Fcheckcookieservlet%3Fversion%3D1.0%26curl%3Dhttps%3A%2F%2Fphoto.xuite.net%2F%40authorize%26siteid%3D50008%26sessionid%3D%26channelurl%3D%26others%3D%26checksum%3D80105b0a49da18059a29a04bcd3ff336&index=1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK logo-2.png
m.xuite.net/img/V2/ 4 KB
4 KB 287ms
287ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/V2/logo-2.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-02
ETag: "613edceb-f85"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3973
Expires: Fri, 26 May 2023 04:30:52 GMT

GET
H/1.1 200
OK icon-user.png
m.xuite.net/css/V2/img/ 1 KB
2 KB 300ms
298ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/icon-user.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Mon, 22 Nov 2021 07:23:02 GMT
Server: Apache
Host: m-03
ETag: "619b4556-53a"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1338
Expires: Fri, 26 May 2023 04:30:52 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 33ms
6ms Script
application/javascript 108.138.17.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 04:50:57 GMT
Content-Encoding: gzip
Via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 9329996
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=26920000
Connection: keep-alive
X-Amz-Cf-Id: kGwR_UdJyoal8R6zfmqIdxMd3WJBtcBLV-4mAxMumBMwC6NIDKnw_Q==

GET
H/1.1 200
OK s
avatar.xuite.net/244155584/ 7 KB
7 KB 1152ms
296ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatar.xuite.net/244155584/s?t=1682483446
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: ba2d99983779077cf8f28146ae97fc3681861dd8a20c22636bff07a2505f2398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:53 GMT
Last-Modified: Tue, 12 May 2015 05:00:17 +0000
Server: Lighttpd
Host: img-04
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Thu, 25 Apr 2024 04:30:53 GMT

GET
H/1.1 200
OK 1174271368_Q.jpg
4.share.photo.xuite.net/giftcn/1483d0a/20271490/ 8 KB
9 KB 2270ms
287ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d0a/20271490/1174271368_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

f125ac911d1ba7e0f09ac1f7490774eedb4fdf389d5ea40d2c2892c9021c90f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Fri, 27 Oct 2017 10:25:52 GMT
X-Share-file: 1174271368_Q.jpg
Host: photo-03
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-01
Content-Length: 8437
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1098320598_Q.jpg
4.share.photo.xuite.net/giftcn/1483d47/19648625/ 7 KB
7 KB 2280ms
289ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d47/19648625/1098320598_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

27b581015428d488e994e4b19cbe263be0a07de9ca0348081ca2b3039aa1ddf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Wed, 16 Sep 2015 10:04:53 GMT
X-Share-file: 1098320598_Q.jpg
Host: photo-08
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 6732
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097171842_Q.jpg
4.share.photo.xuite.net/giftcn/1483d67/19640549/ 10 KB
10 KB 2293ms
293ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d67/19640549/1097171842_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

aedc8dde3943b71dc68535bc49e008bddd5013edc62003d4db6290e1455c8bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:41:36 GMT
X-Share-file: 1097171842_Q.jpg
Host: photo-06
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 9876
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097168620_Q.jpg
4.share.photo.xuite.net/giftcn/1483dc8/19640540/ 11 KB
12 KB 2291ms
291ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483dc8/19640540/1097168620_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

41feb9d42dced3b79ae2f422974c19716d5b74f6c349197801a238fba15cd43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:37:16 GMT
X-Share-file: 1097168620_Q.jpg
Host: photo-07
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 11716
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097271643_Q.jpg
4.share.photo.xuite.net/giftcn/1483d34/19640537/ 10 KB
11 KB 2330ms
295ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d34/19640537/1097271643_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

971e05265ac733b8b680ceda40289532d70d3969ced9102074df951b8ca4d8b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 23:44:45 GMT
X-Share-file: 1097271643_Q.jpg
Host: photo-04
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 10369
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097170260_Q.jpg
4.share.photo.xuite.net/giftcn/1483d27/19640531/ 17 KB
17 KB 1660ms
286ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d27/19640531/1097170260_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

9346c9fa1638e839d87b92dd3357e784b9a8519bcea507bc51df392a2b8e8ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:24:23 GMT
X-Share-file: 1097170260_Q.jpg
Host: photo-05
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-02
Content-Length: 17342
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1097091379_Q.jpg
4.share.photo.xuite.net/giftcn/1483deb/19639992/ 13 KB
14 KB 1960ms
289ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483deb/19639992/1097091379_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

ad453851d7d827829599ea086e5807e3ddb9e619bf07985800b4486ea5a2dc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 11:03:08 GMT
X-Share-file: 1097091379_Q.jpg
Host: photo-02
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 13533
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097091372_Q.jpg
4.share.photo.xuite.net/giftcn/1483de0/19639988/ 16 KB
16 KB 1662ms
288ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483de0/19639988/1097091372_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

f23da9dc04eeabf1c364f80876a42eed13a8e3798ee5645b905f548baf9e8e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 10:53:56 GMT
X-Share-file: 1097091372_Q.jpg
Host: photo-02
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-01
Content-Length: 16081
X-Cacher: HIT from share-04

GET
H/1.1 200
OK 1097092346_Q.jpg
4.share.photo.xuite.net/giftcn/1483da6/19639980/ 15 KB
15 KB 1708ms
308ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483da6/19639980/1097092346_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

aba04cd4ec1f9aa3c9b0fc1067d2679357c451515ea586adeef0032206d9dd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 10:44:27 GMT
X-Share-file: 1097092346_Q.jpg
Host: photo-02
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 14959
X-Cacher: HIT from share-01

GET
H/1.1 200
OK 1095853701_Q.jpg
4.share.photo.xuite.net/giftcn/1483d07/19631746/ 18 KB
18 KB 1952ms
287ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d07/19631746/1095853701_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

e57bd5b5c4127dbdd50f12387075e7aabf8a78bfecf645696de0df4693b73007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 10:16:40 GMT
X-Share-file: 1095853701_Q.jpg
Host: photo-02
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-01
Content-Length: 18280
X-Cacher: HIT from share-02

GET
H/1.1 200
OK 1095851652_Q.jpg
4.share.photo.xuite.net/giftcn/1483de1/19530845/ 13 KB
14 KB 2233ms
287ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483de1/19530845/1095851652_Q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

26a08019e4ce5c38e2bc902f0fdca6acba1edb884cc9e1deba30ac97e3404eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 09:17:50 GMT
X-Share-file: 1095851652_Q.jpg
Host: photo-04
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-02
Content-Length: 13626
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1095853701_q.jpg
4.share.photo.xuite.net/giftcn/1483d07/19631746/ 10 KB
10 KB 1968ms
290ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d07/19631746/1095853701_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

9af4ac939788941258ab9fcea9615228956b9646ddfe68c7dbd4ea27d4944134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 10:16:40 GMT
X-Share-file: 1095853701_q.jpg
Host: photo-07
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 9860
X-Cacher: HIT from share-01

GET
H/1.1 200
OK 1098320598_q.jpg
4.share.photo.xuite.net/giftcn/1483d47/19648625/ 3 KB
3 KB 1676ms
292ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d47/19648625/1098320598_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

fdce862761cf4a72674296f5f4cbc351bc56b5d9fcaf73111d8b1f768d929243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Wed, 16 Sep 2015 10:03:16 GMT
X-Share-file: 1098320598_q.jpg
Host: photo-01
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-02
Content-Length: 3055
X-Cacher: HIT from share-01

GET
H/1.1 200
OK 1097092346_q.jpg
4.share.photo.xuite.net/giftcn/1483da6/19639980/ 8 KB
9 KB 1969ms
292ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483da6/19639980/1097092346_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

f1766735c8e21bd8344629f90c9dab505b091fa2bc1f1685463a942e1ebe9079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Sun, 06 Sep 2015 10:44:27 GMT
X-Share-file: 1097092346_q.jpg
Host: photo-03
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 8408
X-Cacher: HIT from share-03

GET
H/1.1 200
OK 1097170260_q.jpg
4.share.photo.xuite.net/giftcn/1483d27/19640531/ 9 KB
9 KB 2005ms
296ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d27/19640531/1097170260_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

000a1455a985b835836daeeccde14c23353c73074b698b72e42314811a450ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:24:23 GMT
X-Share-file: 1097170260_q.jpg
Host: photo-02
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 9169
X-Cacher: HIT from share-04

GET
H/1.1 200
OK 1095851652_q.jpg
4.share.photo.xuite.net/giftcn/1483de1/19530845/ 8 KB
8 KB 1668ms
289ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483de1/19530845/1095851652_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

5755e32fdb5c6118567bb9da683395acea5243a3a262da8e1e8f6f40cabfc21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Thu, 27 Aug 2015 09:17:01 GMT
X-Share-file: 1095851652_q.jpg
Host: photo-05
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-04
Content-Length: 7832
X-Cacher: HIT from share-04

GET
H/1.1 200
OK 1097171842_q.jpg
4.share.photo.xuite.net/giftcn/1483d67/19640549/ 5 KB
5 KB 1671ms
290ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.share.photo.xuite.net/giftcn/1483d67/19640549/1097171842_q.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

346e080709efb850c7b344eb758587a4e1a9982f4336c9683e751cf8c34b3f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Date: Wed, 26 Apr 2023 04:30:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Last-Modified: Mon, 07 Sep 2015 03:41:36 GMT
X-Share-file: 1097171842_q.jpg
Host: photo-06
Content-Type: image/jpeg
Cache-Control: private, max-age=0, must-revaliate
Connection: keep-alive
X-Balancer: share-03
Content-Length: 4745
X-Cacher: HIT from share-02

GET
H/1.1

404
Not Found

error.php
my.xuite.net/
Redirect Chain

https://m.xuite.net/img/V2/articlelist-default-bg.jpg
https://my.xuite.net/error.php?ecode=404

0
0

1383ms
296ms

Image
text/html

2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.xuite.net/error.php?ecode=404
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css
Protocol: HTTP/1.1
Server: 2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: Apache
Host: m-03
Allow: GET, POST
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Location: http://my.xuite.net/error.php?ecode=404
Content-Type: text/html
Connection: keep-alive
Content-Length: 154

GET
H/1.1 200
OK albumlist-banner-bg.png
m.xuite.net/css/V2/img/ 3 KB
3 KB 287ms
286ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/css/V2/img/albumlist-banner-bg.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

033dc512c8e08219e66bcdd1f6642346c18515bd5a1e25f9dce3a5955765dd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Thu, 16 Jun 2022 03:45:10 GMT
Server: Apache
Host: m-02
ETag: "62aaa746-b19"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2841
Expires: Fri, 26 May 2023 04:30:52 GMT

GET
H/1.1 200
OK icons-s61afdb56a9.png
m.xuite.net/img/ 31 KB
32 KB 584ms
583ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.xuite.net/img/icons-s61afdb56a9.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/css/V2/screen.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/css/V2/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 08 Dec 2021 07:55:21 GMT
Server: Apache
Host: m-01
ETag: "61b064e9-7dd3"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32211
Expires: Fri, 26 May 2023 04:30:52 GMT

GET
H2 200 ysm_xuite.js Show response
ad.sitemaji.com/ 41 KB
13 KB 31ms
7ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 15:38:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 04 Oct 2021 09:42:04 GMT
server: nginx/1.12.1 (Ubuntu)
age: 46348
etag: W/"615acc6c-a249"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13060
expires: Wed, 26 Apr 2023 15:38:24 GMT

GET
H/1.1 200
OK xui.js Show response
img.xuite.net/xui/ 331 KB
331 KB 575ms
574ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/xui.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:52 GMT
Last-Modified: Tue, 11 Feb 2020 08:53:32 GMT
Server: Lighttpd
Host: img-01
ETag: "5e426b8c-52b78"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 338808
Expires: Thu, 25 Apr 2024 04:30:52 GMT

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H/1.1

200
OK

test.png
a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net/
Redirect Chain

https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
https://a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net/test.png

58 B
58 B

397ms
128ms

Image
text/plain

108.156.208.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net/test.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Server: 108.156.208.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-208-43.dfw56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:53 GMT
Via: 1.1 9861b63db923a2e243e3f4c28421c442.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: C1oR8gFfukNJJCzL6Z8kfJPp4LRsW07ic8GAuThQbgn2fXbd3AxyKQ==
Expires: Wed, 26 Apr 2023 04:30:53 GMT

Redirect headers

location: https://a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net/test.png
access-control-allow-origin: *
date: Wed, 26 Apr 2023 04:30:52 GMT
server: Server
content-length: 0

GET
H2 200 sitemaji_tab_hinet.css
ad.sitemaji.com/ 3 KB
672 B 8ms
7ms Stylesheet
text/css 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 17:38:53 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 39119
etag: W/"5d0b49e9-ab6"
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 540
expires: Wed, 26 Apr 2023 17:38:53 GMT

GET
H2 200 app.js Show response
ssp.hinet.net/api/ Frame C0BE 28 KB
8 KB 1181ms
282ms Script
application/javascript 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_xuite.js?u=%2F%2Fp8u.hinet.net%2Fjs.ng%2Faffiliate%3Dxuiteblog%26site%3Dhinet%26spacedesc%3Dblogtabunit%26keyword%3Ddefault
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 03cd6a884b2b12d27d778f94d2b2f0379af4589598a74114aea07ab98610e7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 close.png
ad.sitemaji.com/static/ 336 B
356 B 9ms
8ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/close.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 7009ca6cdfe65e116dd86c97db4d3b3298cd50442cac6a59889300221d4dedd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 20:01:12 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 30580
etag: "5d0b4850-150"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
expires: Wed, 26 Apr 2023 20:01:12 GMT

GET
H3 200 expand_left.png
ad.sitemaji.com/static/ 362 B
382 B 8ms
7ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/expand_left.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: d41229f369557405de5b218daad429dd8216b8cfde394c3cd088c5002c998de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:16:39 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 33253
etag: "5d0b4850-16a"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
expires: Wed, 26 Apr 2023 19:16:39 GMT

GET
H3 200 ajax-loader.gif
ad.sitemaji.com/static/ 696 B
716 B 9ms
9ms Image
image/gif 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/ajax-loader.gif
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: bc58f7e7a0ed86c18a0574ae23296518dd60cd08ed97265361b1be2faa8fbe91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 19:09:57 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 33655
etag: "5d0b4850-2b8"
content-type: image/gif
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 696
expires: Wed, 26 Apr 2023 19:09:57 GMT

GET
H3 200 mini.png
ad.sitemaji.com/static/ 226 B
246 B 9ms
8ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/mini.png
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/sitemaji_tab_hinet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 717de370036c8ff23c0e7c3bf7f7b4b9fd06b760b9f5cc257325fc0ecdfed345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.sitemaji.com/sitemaji_tab_hinet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:41:47 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
server: nginx/1.12.1 (Ubuntu)
age: 56945
etag: "5d0b4850-e2"
content-type: image/png
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226
expires: Wed, 26 Apr 2023 12:41:47 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ Frame C0BE 1 KB
1 KB 851ms
289ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000053&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483453477&oi=GG4Jb&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000053%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483453477%26oi%3DGG4Jb%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 4053b8be0c3cebc6eaf53846388ced7643b93f97e882a19fc4f3012b471c2613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 26 Apr 2023 04:30:54 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1107
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ Frame C0BE 3 KB
2 KB 290ms
289ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000053&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483453477&oi=B68o6&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&o=NgPfo
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: ce054db0c0f550f92b8ea0d11208c80694f9d678c43ba731b73ae1ba4732f5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 7742 90 KB
32 KB 38ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-169d5"
vary: Accept-Encoding
x-hw: 1682483454.dop137.fr8.t,1682483454.cds249.fr8.hn,1682483454.cds250.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7742 74 KB
25 KB 95ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7a386d5a9b03e771e0bdbd9709c214d7a4ac83d0ff286389205617277a4904a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24999
x-xss-protection: 0
server: cafe
etag: 599 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:30:54 GMT

GET
H2 200 third
ssp.hinet.net/api/web/ Frame C0BE 0
222 B 285ms
284ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000053&th=29&wc=3168
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ Frame 7742 399 KB
124 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27928
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Apr 2024 20:45:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 7742 2 KB
723 B 56ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d662dd3b94f2b007efa2c38cebdd30ef8912dbb7085aecba5f3e0c22a08d912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 698
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:30:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7742 107 B
531 B 36ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7742 107 B
456 B 36ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7742 21 KB
10 KB 56ms
56ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2250325754772092&correlator=3591303597618915&eid=21065725&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=22590772197%2Cxuite_pcflot_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2700717014&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682483454832&lmt=1682483454&dlt=1682483454339&idt=461&adxs=1300&adys=920&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=ldrj4rttj78j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=848336529.1682483455&ga_sid=1682483455&ga_hid=1003941205&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603a301298a13fc52aad0edf46700d46d9a53c6f3994a68587ec938c2ebc8e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10312
x-xss-protection: 0
google-lineitem-id: 5785067666
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363151711
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 28B0 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7742 15 KB
11 KB 96ms
62ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1dc8df81050d1a12d0d74135ba780d69fa02bfe2e51713e92b90c928975279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11369
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20C3 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn-LjJ1JebdTTtBGL8xQ448_09YF22n8a8c8rSZzpkJNPpDTBtRVAD3XbkXDoYavD_RMBOZNIGUiMMvmyQj6q9izil3vNIm4yDpoDLgAAfLWibi0QFabYyPIrlB-TuQJSPtrlM4X51Ng7BCNvOfTYCK8cTT5PM69CrsKU9Mv7D6D1OepnfXugJ_wsdkyrYhKv6vOx-upYpco6asAjUuBfiCzZmjnMxzcgEzmdUkLqyv7NahY1hPzUlhwXl9fqHN0WgO2TJ5y_5TKRo0wMEQ8O8xWHMVTHxSRh8iZ4bYjLKNQoRlgoXlPnxIDB7uX_x3oQ6qIqNQsrV&sai=AMfl-YSrT1Xv68KaQ9L5YdF6Qjr-5TktXc6rigXrSn7xpe_2MMbjeojOWZzVvhctYbLi4C1BB7LHlfGLPQbBvGLUDGfv5TidkRUuMa2Aw8E69Uiy10yTg9KU6pz8viqQrqwGm7SM6bXMPiSV5emwGZOd&sig=Cg0ArKJSzAA0hgPNiCkuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:30:54 GMT

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ Frame 7742 137 KB
41 KB 41ms
15ms Script
application/javascript 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad5d636a7b661a2ad40cb137f4accc1e7d7f35faa2ebaeb9672c94389ab1184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
cf-cache-status: HIT
x-azure-ref-originshield: 0FaI/ZAAAAABK4i+vTqZYRaFi/BnNc8BTRlJBMjMxMDUwNDE4MDUzAGIxMjFlMjFjLTdjMjgtNDA4Yi1iZDBmLTkzY2I0ZTdkZmVkZQ==
content-md5: 1QSB55x/I+W/MnnEdqZkQA==
age: 755
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 19 Apr 2023 08:08:57 GMT
server: cloudflare
etag: 0x8DB40AD536A32C7
x-azure-ref: 0maI/ZAAAAADFOQnl2DHzT7/SL/StGG0ZRlJBMzFFREdFMDQwOQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8eb42ab7-c01e-005a-7e96-72e476000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 7bdc17d96f9291ff-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20C3 158 KB
49 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:30:54 GMT

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ Frame 7742 154 B
509 B 1041ms
158ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=414eafd41b4e4b28&referer=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&bodyWidth=1600&bodyHeight=1200&cacheBuster=34b1abfa-d68f-45b6-8ded-60d9c9ddc90a
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 3180c8de11697f009324bd59f3c0ed63b4cfefacc330378c545c8924f51e42a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:55 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://m.xuite.net
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 154
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ Frame 7742 43 B
528 B 2814ms
302ms Image
image/gif 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=401902758
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 26 Apr 2023 04:30:57 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7742 17 KB
7 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:30:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 20C3 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnRD7-gD7E2ipyW3bTZNtmEnicQcI0KXLu5jgu9WM6dKKxb9-kOPoLXuC3GUDLkiWxyyqVLC-xCoZ_nOGuLks61A_dJDRdT4itrkDu4RtfF1g3ZNbkzHpv4ed1z_tULE8XLDDSPqXfkLK2W1LTeSuoU6hVo8wdogAZvGZ331z87-inPGhB-aU1pT6Jvr7dV7-lmfoiug8pmZaaYLht1WMFp2WDOfh0gPSZohpkrjXwBvlpRhBGaSzSSe9w7TrHYLMcyEOMxmTpgDpRhSiLAx6sU1DUHqfVzoxXbMYn061fE6LiufsZ2tTXSMmPLZXtDkl8tVB0mUdi49o&sai=AMfl-YQSXiFgAQ0pcbbv-fzDiUAMoOhaL1lczAlicEht9r6WPkg9mPRChLNvPdf31E0AGLl052QLhtLmna3LzUrQcRjUN2KbMybR_pW92Ocsw4NG-lEd49Uq1btYni2bX9ACCFrTys3L9pqk2CG7m-Eo&sig=Cg0ArKJSzMplgb7f58WZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:30:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D11E 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B25C 783 B
1 KB 42ms
21ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42e7bcdaa529e6e09c92c814bed3643db8ac5abc749e0613eb306d947ae2ef26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-59_IQ6dqz3islVH4oKVJUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-59_IQ6dqz3islVH4oKVJUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:30:55 GMT
expires: Wed, 26 Apr 2023 04:30:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame D11E 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B25C 0
0 40ms
40ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=2250325754772092&rc=
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D11E 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pBSSkA
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7742 0
0 44ms
44ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=2250325754772092&bg=!TU6lThrNAAYfNdXmPzU7ADkAdvg8WkQDM4ExFdKK6i6IXXMgd76i2sosYctrM5T1L4MfhSRecfDxAEuJTm4zagtJdd0ulPImb6MCAAAAVFIAAAABaAEHCgAE6vEzQpkDBZxo3xIHxnoKcBmwotKzSBngTKmwMiPV_j6ppwhixsFPmKIWT4HVvxl1RrW1m9vjMgN7r6Emmr6hEWvUX7w_naziydr_TtaQqSI0QhaDA3XQHtuHNsCYY6G_8OzAsxOiNtDn7UTpEKaHx18YEelVu_SH-p1Di_S1YjrkKdD6R03khDfjZJpFtxE3oyTcBwui7swBCSfzyBsbKH_xKJwm8RPcZwi-USPtjMCyQvBhLginjh57OwX_jQY6XiEUYJHyhXNn0hheOOk5pTm6ljGpTYKDZf6tshQi9r8DehxwsYH3PD0Bjf3_mIz5amh4GNhTrOeZkN_pLEyCj8W18-nSVuCxmzGGncWV4-wJhgLZrAx000lhllCp0yMzmZXNvGwnSosdPl0ZVBp74XosFPtk4NSjMJlPAUTHeUqz6XOY8j8mdq5fSHGsoX3M2OO37Wn_m6WTdW9_tAsSUMVJ5kS9JlNGXVmBi5Jv_2KXZ9FyP69G6Gl4uwyGwDwvqfC4qLMb33UiaSYs8feFYj0OhUM287u2hqQjtgRrSHm9PqyNvA6l-lciKHnNiAiXPcQ3xmhXj6609JnjkgvHdQKNgLW5hBAQr_JDpYwr3pfznLzb0XhqjnhDcdKX2G9T4rmSSkdKXHyDmlM8wtfI_huTszWN7daHFnM--xls10XLl3UT_425CYgV2nyQgrMv4jBCrm4JGGlnlgKu41Sb6ZOL3mF2azhP-gT9zNkkYPQoy15eVHUzJhZdi4tdSvHkbTPJ5sWxs8Q_R64j9eiYQGqIj9suuo0FEtM9Kxni1Htfc3fHXmPDkFhfxCdvRLDF0nc8jOeQAQsJt8lP6ZcBstTKhcMihePAw-z-So0pAb7Bv9XUEQgnXA2s9hVQEqpygbd2VGaN_mseBZOCmDjO0szgZSIoJZVlBfbn6dmiG8DcBya1VoP2xM48w5ZVd1I1vUiARpPXe8EfXaG85JEeYce7orXq3J3LHl130MHyJCl_Y9_OX0efiUotfKUD7wHMUOsozuBOUv_Qubwr
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ 137 KB
41 KB 18ms
17ms Script
application/javascript 2606:4700:10::ac43:1755
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad5d636a7b661a2ad40cb137f4accc1e7d7f35faa2ebaeb9672c94389ab1184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 Apr 2023 04:30:56 GMT
content-encoding: gzip
cf-cache-status: HIT
x-azure-ref-originshield: 0FaI/ZAAAAABK4i+vTqZYRaFi/BnNc8BTRlJBMjMxMDUwNDE4MDUzAGIxMjFlMjFjLTdjMjgtNDA4Yi1iZDBmLTkzY2I0ZTdkZmVkZQ==
content-md5: 1QSB55x/I+W/MnnEdqZkQA==
age: 757
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 19 Apr 2023 08:08:57 GMT
server: cloudflare
etag: 0x8DB40AD536A32C7
x-azure-ref: 0maI/ZAAAAADFOQnl2DHzT7/SL/StGG0ZRlJBMzFFREdFMDQwOQBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8eb42ab7-c01e-005a-7e96-72e476000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 7bdc17e05d6691ff-FRA

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 154 B
509 B 157ms
157ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=414eafd41b4e4b28&referer=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&bodyWidth=1600&bodyHeight=1200&cacheBuster=e8f0edf6-4836-488d-b5cc-0ae50cf883ee
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 521135327544c4cf613c37d1c07b4a0ed9308c4a7870e7712bd1aa6135377315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:56 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://m.xuite.net
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 154
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ 43 B
528 B 1741ms
300ms Image
image/gif 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=344030666
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.hinet-ip.hinet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 26 Apr 2023 04:30:57 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ 6 KB
6 KB 164ms
164ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=414eafd41b4e4b28&sessionId=22f42a00-e3eb-11ed-bf70-3b6a3f742e90&referer=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&bodyWidth=1600&bodyHeight=1200&cacheBuster=631ba9bd-c8d1-42b9-8fd7-8a9c9c07a640
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 19f40a54cfa520620e351fe14309a3086fe588375e0127831390b1addafde0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:56 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://m.xuite.net
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 5992
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
24 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ad5737b5a8964d028d34fcff3417cdba292f19572d75b302e64ca1aacbc9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24699
x-xss-protection: 0
server: cafe
etag: 374 / 19473 / 31074122 / config-hash: 3496528444417690014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:30:56 GMT

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ 0
206 B 160ms
159ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=22f42a00-e3eb-11ed-bf70-3b6a3f742e90&chid=d206948abdac4502&sid=414eafd41b4e4b28
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:56 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/ 399 KB
124 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 10:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64479
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126426
x-xss-protection: 0
server: cafe
etag: 12107163058553792566
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Apr 2024 10:36:17 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
723 B 41ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d662dd3b94f2b007efa2c38cebdd30ef8912dbb7085aecba5f3e0c22a08d912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 698
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:30:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 434ms
433ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2601527891030502&correlator=2562778286903995&eid=31074122&output=ldjh&gdfp_req=1&vrg=202304240101&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2C414eafd41b4e4b28&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3555039245&didk=886468226&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&sc=1&cookie=ID%3Dda2fb21a3a5b9077%3AT%3D1682483454%3AS%3DALNI_MYhum1NIHnMwbEqgyhI0LAa6g-JnQ&gpic=UID%3D00000befbd2d964f%3AT%3D1682483454%3ART%3D1682483454%3AS%3DALNI_MbYdeDnMLJdIxlYBBc0uOU1WTYqxA&abxe=1&dt=1682483456570&lmt=1682483456&dlt=1682483447189&idt=9346&adxs=1300&adys=920&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=20&vis=1&psz=0x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=1059259457.1682483457&ga_sid=1682483457&ga_hid=495700210&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69003d042b0fe1ad1d39729251bf7fe9ef557e97a4c36af8bb20df5488bec9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12029
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A66C 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:30:56 GMT
expires: Thu, 25 Apr 2024 04:30:56 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK cookie,cycle Show response
img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/ 381 KB
132 KB 294ms
294ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: ff06a0e1ba317af0f26217e54d72181f3fff7b577bf7545f7026768a08be1904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Apr 2023 07:14:44 GMT
Server: Lighttpd
Host: img-01
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
Expires: Wed, 26 Apr 2023 05:30:56 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304132133000/ Frame 538A 222 KB
61 KB 71ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 17:12:21 GMT
age: 127116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61827
x-xss-protection: 0
server: sffe
etag: "1754d270d28e2ea6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Apr 2024 17:12:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 538A 15 KB
5 KB 81ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 17:12:21 GMT
age: 127116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "8e65ad5048245435"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Apr 2024 17:12:21 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 538A 94 KB
28 KB 82ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 17:12:21 GMT
age: 127116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28942
x-xss-protection: 0
server: sffe
etag: "73bf4bf39cc8fedd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Apr 2024 17:12:21 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 538A 5 KB
2 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 17:12:21 GMT
age: 127116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1921
x-xss-protection: 0
server: sffe
etag: "f061d9295cdc41bd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Apr 2024 17:12:21 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 538A 40 KB
13 KB 85ms
22ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Apr 2023 17:12:21 GMT
age: 127116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "8013fcb40cf8ec28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Apr 2024 17:12:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 538A 8 KB
1 KB 36ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86c31a704d681965da138f8ac4fcddafee32e4f003c8b431dbf4156f5126d1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 04:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 03:11:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 04:30:57 GMT

GET
H3 200 zh_tw_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538A 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw_bl.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:06:46 GMT
x-content-type-options: nosniff
server: cafe
age: 37451
etag: 4870481765684750750
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3412
x-xss-protection: 0
expires: Wed, 26 Apr 2023 18:06:46 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538A 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 13:35:10 GMT
x-content-type-options: nosniff
server: cafe
age: 53747
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 26 Apr 2023 13:35:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 538A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHPg2eTK-rN8ZdydUIDNlvj5ADrGzU3m6tzdY4uYuYnOroGj80obZgRNE37eSiRAAbPN0_aOgCIkXAdfhCFiKp8vm3mQ
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 538A 0
0 51ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck0HTAKlIZKqRJYSngAfIl6LwAc6oos5j1c-JsLwQ8tromcsBEAEgoo3fJWCV4pCCoAegAcmc_-4DyAEBqQINVeVUh2myPuACAKgDAaoEiQJP0BYJuCnr9b3WBhVeVcIEQfKuJmFOR2-wC9j0pPW2COMzleKP1S_KquB5cTYW7RDe0Omf4cRaM4RoUz2_NmlRESk5dFbB2l4TJLv9ZuC6d04YsZqbZynesZ0wWzSw8kYGoaHBmw75kuYeyB9RsjdRl_BekMI5kAQfVByXZpAsSWmc6tnJTR78G8jbSqTT3rbse3V9FqDjwSIYJ62w9WaLtHexFX2lIzQ7nop8ogbQuWAdyehiREGYc5V1vTgu75hKL2cFyyAAhWptnHBWvmz_sJJBegquC_OgO3H2nO6d7NFfEZqT_KHDb3hRigDs9iQ8HWvemai4b0UusFZfuUJk9e051reZfm-dwATO8datwwPgBAGSBQQIBBgBkgUECAUYBIAHn-OAEagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPy0BtIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMK0BUBgBcBshceChwIABIUcHViLTk0NjcxNDQ0OTE1Mzc3NDUY6o8Y&sigh=wtYj0xsZIA4&uach_m=[UACH]&cid=CAQSPABygQiDy5d-WuM5zaG6Z-T-Uw5aw4T2yys41STrarE9ZPoWhoti8hnmER0LxUnS0-Xhq-z5bVWx7c8_GxgB&template_id=5028
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ 0
206 B 158ms
158ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=22f42a00-e3eb-11ed-bf70-3b6a3f742e90&chid=d206948abdac4502&sid=414eafd41b4e4b28&lineitemid=5346731421
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:57 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
DATA 200
OK truncated
/ Frame 538A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 538A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f21107728ac96330e63532aa77821d19d298c52475815cd171c612284eca2eca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 538A 44 KB
44 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:01:02 GMT
x-content-type-options: nosniff
age: 300595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:01:02 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 538A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

41ms
21ms

Image
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Apr 2023 04:30:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK script.js Show response
img.xuite.net/_v_2.2021.02.24/_js/reboot/ 3 KB
4 KB 288ms
287ms Script
application/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/_v_2.2021.02.24/_js/reboot/script.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd /
Resource Hash: b3876ea3280559a56204fa578c794cb8fc4967dc74c026c0ebeb8c2ee88276f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:57 GMT
Last-Modified: Thu, 09 Sep 2021 03:18:53 GMT
Server: Lighttpd
Host: img-01
ETag: "61397d1d-ce3"
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3299
Expires: Thu, 25 Apr 2024 04:30:57 GMT

GET
H2 200 svg4everybody.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg4everybody/2.1.9/ 2 KB
1 KB 39ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg4everybody/2.1.9/svg4everybody.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4881196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 822
last-modified: Mon, 04 May 2020 16:16:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff3-768"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWyKYOmZk1SFV%2BPZgza29OdXliimFJsOC6vvb3QxSDKEixDhhN54dm4uKAOPhv0%2FEZ6i3hHEMLQkO4xnAKIFWk5BwbeIt2qIW5%2FQmlLIdLsp8gpXlCLJlgXaT0XJxKa5evVzmU1u4%2Fo1%2B9OAL0NQfJOL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bdc17ecef5c35ec-FRA
expires: Mon, 15 Apr 2024 04:30:58 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1113ms
277ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Wed, 26 Apr 2023 04:40:59 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
m.xuite.net/js/V2/ 39 KB
13 KB 584ms
583ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/bootstrap.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://m.xuite.net/photo/giftcn
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-9b00"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:58 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 538A 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu290y9ERQkGO1UzdW_skkYAeop6fTpK253divEB_-5S7SCYDu_fw8ofp8aWu-XYAgojdJ1o7mjfMEWy_X2EyC1pfDgq2U-fLZ4Rq7VwuMotPJ-OKDrtrJh5yuV6634D7DaKqAz6Q&sai=AMfl-YQ-tlseN3Ur-PO97N5QMCTP1FxcqOMWXnY95ZFDz4rlESFTVmjGhmF4hpGUdqkg61e-EqL4eYz37e3_ydAuYT7KFC-herwMOKmZNR_vZuqXgnZU_pOhKx0ViMge&sig=Cg0ArKJSzCgDtqTvD5L1EAE&cid=CAQSPABygQiDy5d-WuM5zaG6Z-T-Uw5aw4T2yys41STrarE9ZPoWhoti8hnmER0LxUnS0-Xhq-z5bVWx7c8_GxgB&id=ampim&o=1300,920&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=165&tls=1165&g=100&h=100&tt=1165&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK keyw_data.php Show response
my.xuite.net/service/keyword/api/external/ 580 B
785 B 291ms
290ms Script
text/html 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/keyword/api/external/keyw_data.php?pos=www&callback=jQuery11110768506323848045_1682483457725&_=1682483457726

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

e0fc8bce45a5810a6475ef9553197f1eaa70fc83abf3abbe2a7595d10c4dfc46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 04:30:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: Apache
Host: my-04
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK logo-1.png
xuite.net/include/reboot/images/ 10 KB
10 KB 575ms
575ms Image
image/png 2001:b000:1c9:7600:0:a:d23d:3831
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xuite.net/include/reboot/images/logo-1.png
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:3831 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Apache /
Resource Hash: 41f5e63f37797d4b6d51861ea16b24b64d474f150846e357e378939679e912f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:58 GMT
Last-Modified: Wed, 18 Mar 2020 03:51:59 GMT
Server: Apache
Host: www-02
ETag: "5e719adf-2638"
Allow: GET, POST
Content-Type: image/png
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=3456000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9784
Expires: Mon, 05 Jun 2023 04:30:58 GMT

GET
H/1.1 200
OK sal.js Show response
m.xuite.net/js/V2/ 3 KB
2 KB 292ms
292ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/sal.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

71588afe887b74f7d43d82b092b6d41bc8cd196d86e77e7b1acf79c7d4724b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-d53"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:58 GMT

GET
H/1.1 200
OK fgm.js Show response
m.xuite.net/js/V2/ 7 KB
4 KB 293ms
292ms Script
application/x-javascript 2001:b000:1c9:7600:0:a:d23d:3827
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.xuite.net/js/V2/fgm.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3827 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

bf28bf1749d5f6ac054b55c31c4f1e89bd3105c8b235cf4a4773100e8beda2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/photo/giftcn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 05:08:59 GMT
Server: Apache
Host: m-01
ETag: W/"613edceb-1a3d"
Transfer-Encoding: chunked
Allow: GET, POST
Content-Type: application/x-javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 26 May 2023 04:30:59 GMT

GET
H/1.1 204
No Content viewable
ssp.tenmax.io/supply/tracking/ 0
206 B 160ms
159ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/viewable?bid=22f42a00-e3eb-11ed-bf70-3b6a3f742e90&chid=d206948abdac4502&sid=414eafd41b4e4b28&noAd=0
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:30:59 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
404 B 280ms
279ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

3f168b1c291e8b956e27d0906f7f4fd3cb78e8972d0d1a486bd0a6890e335052

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 image-picker.min.css
cdnjs.cloudflare.com/ajax/libs/image-picker/0.3.1/ 769 B
609 B 14ms
12ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/image-picker/0.3.1/image-picker.min.css

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bdecf9ecfac173c92815a51ce116d9a5f207579896e2f5577c2a87ebc7a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7252418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-301"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4R%2BpbrM2r080zna6fMjAjcySO0MOeQxJ0W4mll3fnbywZoQmjYpoLfjYv%2BDbGkDzWejSRZodYnCOI5TzWyRVTK068pTkfEXIfUp3BePLCkedmpApoQ%2BTyGPlGLAHtUL397QrDc%2FuM9h90Qji3YEi5VD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bdc17f49ebf35ec-FRA
expires: Mon, 15 Apr 2024 04:30:59 GMT

GET
H3 200 image-picker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/image-picker/0.3.1/ 7 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/image-picker/0.3.1/image-picker.min.js

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5de69000dbb5c2b41ad075649414124bd899d03556bf02d6a808adec9b3755

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1152289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1926
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-1d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuuuVbISMRNIWMv3MmX%2BfqwASxndPspOZJx4xi9tSUbBiox9e5TolVyw28CU3EHDlywYVQyCMspKDEKXpX3a3imC%2B%2BFlWIazp9izmTDxn%2Fg8JdW4AftYIDbyKTEW2AxfCmpH2l3nnrDFUfdOO2RBW94k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bdc17f4bd718fce-FRA
expires: Mon, 15 Apr 2024 04:30:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
45 KB 51ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6679755-11

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27d79ea6ceaaca72e7518f33ab48c464446d34ddc423672873d5b7da579b8359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Apr 2023 04:30:59 GMT

GET
H2 200 app.js Show response
ssp.hinet.net/api/ 28 KB
8 KB 283ms
282ms Script
application/javascript 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 03cd6a884b2b12d27d778f94d2b2f0379af4589598a74114aea07ab98610e7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
81 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5NKYZNCRDM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6679755-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abe033cde729fd8232f9c535e87c859c867338fcf0bde0d7e3c52e8ac9f56bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Apr 2023 04:30:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6679755-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Apr 2023 02:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6915
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 26 Apr 2023 04:35:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
142 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=495700210&t=pageview&_s=1&dl=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ul=en-us&de=UTF-8&dt=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=751452511&gjid=1195820358&cid=1059259457.1682483457&tid=UA-6679755-11&_gid=1156855063.1682483459&_r=1&gtm=457e34j0&jsscut=1&z=387527572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=495700210&t=pageview&_s=2&dl=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ul=en-us&de=UTF-8&dt=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=&gjid=&cid=1059259457.1682483457&tid=UA-6679755-11&_gid=1156855063.1682483459&gtm=457e34j0&jsscut=1&z=593263382

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Apr 2023 17:08:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
273 B 281ms
280ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=ac1ff8b7-b3b0-417a-81fa-d3438196afb5

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:30:59 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 48ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5NKYZNCRDM&gtm=45je34j0&_p=495700210&_gaz=1&cid=1059259457.1682483457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=1&sid=1682483459&sct=1&seg=0&dl=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&dt=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&en=ad_impression&_fv=2&_ss=2&ep.query_id=CKqRlqbbxv4CFYQT4AodyIsIHg
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5NKYZNCRDM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5NKYZNCRDM&cid=1059259457.1682483457&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5NKYZNCRDM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 45ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5NKYZNCRDM&gtm=45je34j0&_p=495700210&cid=1059259457.1682483457&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682483459&sct=1&seg=1&dl=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&dt=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&en=page_view&_c=1&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5NKYZNCRDM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 40ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5NKYZNCRDM&cid=1059259457.1682483457&gtm=45je34j0&aip=1&z=2037995992

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:30:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 46ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6679755-11&cid=1059259457.1682483457&jid=751452511&gjid=1195820358&_gid=1156855063.1682483459&_u=YAhAAUAAAAAAACAAI~&z=2142844967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Apr 2023 04:30:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 1 KB
2 KB 289ms
289ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201710000011&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483459628&oi=dsJ3S&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201710000011%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483459628%26oi%3DdsJ3S%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=aEAvl
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 433fefa329fc4fd0704d951d4235c6ce4a93082b42fc9e6eed841bb42ac772c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 26 Apr 2023 04:30:59 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1404
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 third
ssp.hinet.net/api/web/ 0
222 B 284ms
284ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201710000011&th=87&wc=2108
Requested by: Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1 200
OK blacklistapi.php Show response
img.xuite.net/xui/ 7 KB
2 KB 289ms
288ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:382a
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://img.xuite.net/xui/blacklistapi.php?callback=jQuery11110768506323848045_1682483457725&_=1682483457727
Requested by: Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:b000:1c9:7600:0:a:d23d:382a , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Lighttpd / PHP/5.4.16
Resource Hash: 4ef2403c92cdc317cd662839c5ed629e93b7699a8f4a294b0c3ad0373080e4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:31:00 GMT
Content-Encoding: gzip
Server: Lighttpd
Host: img-01
X-Powered-By: PHP/5.4.16
Access-Control-Max-Age: 1000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://img.stage.xuite.net/
Content-Type: text/javascript
Connection: keep-alive
Expires: Wed, 26 Apr 2023 05:31:00 GMT

GET
H2 200 pixel
ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net/ 0
79 B 830ms
277ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net/pixel?bd=ac1ff8b7-b3b0-417a-81fa-d3438196afb5&t=b6d81b

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:00 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 7742 0
222 B 284ms
283ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000053&th=29&wc=3168
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://m.xuite.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1 200
OK getUnread.php Show response
my.xuite.net/service/message/api/external/ 34 B
616 B 289ms
289ms Script
text/javascript 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/message/api/external/getUnread.php?_=1682483457728

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

2496f1b76aa46054edab81ea47cf82ac2d94a0189d71c9ca36c41fa3370cf694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 04:31:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: Apache
Host: my-04
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK event_angel_json.php Show response
my.xuite.net/service/event/api/external/ 427 B
738 B 575ms
289ms Script
text/html 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/event/api/external/event_angel_json.php?callback=jQuery11110768506323848045_1682483457729&_=1682483457730

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

5052955cb4161a4c84f8abd64730052dc4cca5faeb2f67d9d96bc0309a382258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 26 Apr 2023 04:31:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: Apache
Host: my-04
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Content-Type: text/html; charset=UTF-8
Connection: keep-alive

GET
H/1.1 200
OK marq_data2.php Show response
my.xuite.net/service/marquee/api/external/ 834 B
1002 B 873ms
298ms Script
text/html 2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xuite.net/service/marquee/api/external/marq_data2.php?pos=www&showNew=1&callback=jQuery11110768506323848045_1682483457731&_=1682483457732

Requested by

Host: img.xuite.net
URL: https://img.xuite.net/xui/combo/w/angel,bottomfooter,adarray,idledialog,headerkeyword,ga4,announce/p/cookie,cycle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Apache /

Resource Hash

80f19ce2563bc8d8a93f7e282613a2e6958acb727b1a50e8fa5092191fa4e66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 04:31:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: Apache
Host: my-04
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 1235339528_o.jpg
8.share.photo.xuite.net/event/18c54e4/20514268/ 25 KB
25 KB 2186ms
289ms Image
image/jpeg 2001:b000:1c9:7600:0:a:d23d:3818
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8.share.photo.xuite.net/event/18c54e4/20514268/1235339528_o.jpg

Requested by

Host: m.xuite.net
URL: https://m.xuite.net/photo/giftcn

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:b000:1c9:7600:0:a:d23d:3818 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

5bc7091263cb6db8b33a3767fa3cd09abb274cf47100f9843542d9fd79e86cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Wed, 26 Apr 2023 04:31:01 GMT
Date: Wed, 26 Apr 2023 04:31:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
Host: photo-07
Content-Type: image/jpeg
Cache-Control: no-cache
Connection: keep-alive
X-Balancer: share-03
Content-Length: 25569
X-Cacher: HIT from share-04

GET
H2 200 request Show response
ssp.hinet.net/api/web/ Frame 9809 522 B
541 B 299ms
299ms Document
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=FltgT&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3DFltgT%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=undefined
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 5c4793b29a26b4c5407744cc72a5d5d9e5cfdedfcd60e0eb19f444364d8f4e9f

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://m.xuite.net
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Apr 2023 04:31:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 pixel
ssp.hinet.net/api/ Frame 9809 106 B
302 B 281ms
280ms Image
application/octet-stream 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/pixel?bd=abcf32aa52ac0ad7381e4fad92dd8d4e5bc5debedbf1dd79b204991b622364e8&ch=2017005
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=FltgT&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3DFltgT%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=undefined
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000058&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=FltgT&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000058%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3DFltgT%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn&o=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:01 GMT
last-modified: Thu, 13 Feb 2020 05:50:28 GMT
server: nginx
etag: "5e44e3a4-6a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 106

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304240101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fb05a3796aaf028914e671514d248d38da27fa83b47b9efc7b6c89e4bed2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11234
x-xss-protection: 0

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 1 KB
1 KB 289ms
288ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000054&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=46cuO&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000054%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3D46cuO%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 25f02e8a90158baa2b99fae0c81b6e22497d0edb1eece324298edaed00a63847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 26 Apr 2023 04:31:03 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1091
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
2 KB 289ms
289ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000054&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=fP14C&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&o=06KaM
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 8eb83cee6dd625918a96ca3445cdc8ed2b1b2a842f09655d64a38107452a13f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 7326 90 KB
32 KB 9ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-169d5"
vary: Accept-Encoding
x-hw: 1682483463.dop137.fr8.t,1682483463.cds249.fr8.hn,1682483463.cds250.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7326 74 KB
24 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc657b45c12fdf43a51a15d7b57e48311c47131455b019236a4f544d171909a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24998
x-xss-protection: 0
server: cafe
etag: 792 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:03 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 17 B
186 B 293ms
293ms XHR
application/json 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017005&s=201702000054&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=HgQ6M&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017005%26s%3D201702000054%26u%3D328f500c-a998-2507-6475-c635d9f959e9%26ad%3D328f500c-a998-2507-6475-c635d9f959e9%26t%3D1682483460921%26oi%3DHgQ6M%26site%3Dhttps%253A%252F%252Fm.xuite.net%252Fphoto%252Fgiftcn
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://m.xuite.net
date: Wed, 26 Apr 2023 04:31:03 GMT
access-control-allow-credentials: true
server: nginx
content-length: 17
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
2 KB 289ms
289ms XHR
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017005&s=201702000054&u=328f500c-a998-2507-6475-c635d9f959e9&ad=328f500c-a998-2507-6475-c635d9f959e9&t=1682483460921&oi=EpPeX&site=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&o=WCpdk
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: 0622a1942192ddc4601c3c23a0ed5889f6d5c0a17a0ac21a1aafd7c8fa9d4f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 89C2 90 KB
32 KB 10ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://m.xuite.net/
Origin: https://m.xuite.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-169d5"
vary: Accept-Encoding
x-hw: 1682483464.dop137.fr8.t,1682483464.cds249.fr8.hn,1682483464.cds250.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 89C2 74 KB
24 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

171984e9c2b5e0888ce0281278b19a277f81eb3b6d1897a7c1ee570a0af42818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24998
x-xss-protection: 0
server: cafe
etag: 450 / 19473 / m202304200101 / config-hash: 3496528444417690014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H2 200 third
ssp.hinet.net/api/web/ 0
222 B 285ms
284ms Image
text/html 203.75.213.47
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017005&s=201702000054&th=29&wc=3216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
access-control-allow-credentials: true

GET
H/1.1

200
OK

error.php
my.xuite.net/
Redirect Chain

https://m.xuite.net/photo/undefined
https://my.xuite.net/error.php?channel=www&ecode=Nodata

0
0

291ms
290ms

Image
text/html

2001:b000:1c9:7600:0:a:d23d:3826
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://my.xuite.net/error.php?channel=www&ecode=Nodata
Protocol: HTTP/1.1
Server: 2001:b000:1c9:7600:0:a:d23d:3826 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 04:31:04 GMT
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: Apache
Host: m-01
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://my.xuite.net/error.php?channel=www&ecode=Nodata
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR IND UNI INT STA PRE COM NAV OTC DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Allow: GET, POST
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304240101/pubads_impl.js?cb=31074122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ Frame 7326 399 KB
124 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27938
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Apr 2024 20:45:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 7326 2 KB
729 B 43ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87e1d258d9c432e35c3914756f28cdcd86debdb40e7b2b6f8e8c9470c1b7db11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C5CC 13 KB
5 KB 12ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E52 783 B
534 B 20ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af173ec8a01336891aef40e947ad8cecbaa7a904316a413a207b13e7791660b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SWIJD-5WcF-tao0qeCXKSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-SWIJD-5WcF-tao0qeCXKSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Wed, 26 Apr 2023 04:31:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7326 107 B
122 B 27ms
26ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7326 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7326 21 KB
9 KB 52ms
52ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1102400215881490&correlator=935963611305090&eid=44780990%2C31068825&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=22590772197%2Cxuite_bloghp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4239621017&sfv=1-0-40&sc=1&cookie=ID%3Dda2fb21a3a5b9077%3AT%3D1682483454%3AS%3DALNI_MYhum1NIHnMwbEqgyhI0LAa6g-JnQ&gpic=UID%3D00000befbd2d964f%3AT%3D1682483454%3ART%3D1682483454%3AS%3DALNI_MbYdeDnMLJdIxlYBBc0uOU1WTYqxA&abxe=1&dt=1682483464281&lmt=1682483464&dlt=1682483463286&idt=980&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=gcnhhj2wno27&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&ea=0&ga_vid=1059259457.1682483457&ga_sid=1682483464&ga_hid=2105502070&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0a666339c4762f899d6e88d4d8bebb0ea796ab5cbbae70c26e86f0a59fef95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9675
x-xss-protection: 0
google-lineitem-id: 5785078022
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138415926121
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BF5 6 KB
0 33ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Thu, 25 Apr 2024 04:31:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E52 0
0 41ms
41ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304240101&jk=2601527891030502&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame C5CC 36 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ Frame 89C2 399 KB
124 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 20:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27938
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Apr 2024 20:45:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 89C2 2 KB
723 B 41ms
41ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d662dd3b94f2b007efa2c38cebdd30ef8912dbb7085aecba5f3e0c22a08d912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 698
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7326 14 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb49df073803e8bae00ff3570018c17c5c96f7827200bcc774f0c44f219cb144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11188
x-xss-protection: 0

GET
H2 200 container.html Show response
58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 73CD 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Thu, 25 Apr 2024 04:31:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 89C2 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 89C2 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.xuite.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 89C2 21 KB
10 KB 62ms
62ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2605752775090111&correlator=3048751449693370&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fifs&iu_parts=22590772197%2Cxuite_bloghp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4239621017&sfv=1-0-40&sc=1&cookie=ID%3Dda2fb21a3a5b9077%3AT%3D1682483454%3AS%3DALNI_MYhum1NIHnMwbEqgyhI0LAa6g-JnQ&gpic=UID%3D00000befbd2d964f%3AT%3D1682483454%3ART%3D1682483454%3AS%3DALNI_MbYdeDnMLJdIxlYBBc0uOU1WTYqxA&abxe=1&dt=1682483464391&lmt=1682483464&dlt=1682483463881&idt=499&adxs=504&adys=368&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=v1k2ybosg8c6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&ref=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&top=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&frm=23&vis=1&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=1059259457.1682483457&ga_sid=1682483464&ga_hid=1398784338&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad0a39621bf5001da6d629f89a5d36c3d1084d08d0767989e45db88b0f1deeef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9693
x-xss-protection: 0
google-lineitem-id: 5785078022
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138415926121
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xuite.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 90BC 6 KB
0 30ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Thu, 25 Apr 2024 04:31:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 73CD 24 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
URL: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Apr 2024 19:36:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 73CD 136 KB
46 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Requested by

Host: 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
URL: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14b8ace812e70ece5d61dd2204bde47e842590669e14f5e586e9c0ad4141d15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Origin: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47288
x-xss-protection: 0
server: cafe
etag: 16299252460574595280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73CD 158 KB
48 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
URL: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7326 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 73CD 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaea9RaF4jABVdJaRlZLbTH13_nILXiO9gMv075SpGaKjx7g_kFM2la9ECcpBfBUM4Df2KuNUY0XS7TCQaJakQg2p-dO_ZHbiaeCyCJMtIA41_1vXVn25KZwtayejusLW8zi8-QCR0oxzuL1xfTCMP0vTvb7ghi6nRbZXZ3TwrVcl4VZdVHg6K2g6OInqrrj93MKEw-shd0bSL8t1itpp0avaJUKynTRPZvP4G6mFZyYtgQ13ZuOfLBb75KAPMDJiWkMZ3U8XcuHbMvo1gC1pOMi4KnhDux8MkDdnzgg8wev99t2dUKhTl4j0HDBJDvg&sai=AMfl-YTO_Pt2kn-6utL5IWMH-cND9ZT9WCWCdpIwuSJVLCNV4-HwM0bZjSxeWO06Qv17oPGhAybQLpol--HsxMc06O4UTz8dyTDB8i4WzCkCXTpy2hPzrFnhVKmQ1I3Q7rc&sig=Cg0ArKJSzHIwPmgKFaVqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
URL: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 89C2 14 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bff9298bf01888165fe94f4a8fb3402689e928df9a4a7f0a6477060c424cc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11164
x-xss-protection: 0

GET
H3 200 container.html Show response
186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00BE 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Thu, 25 Apr 2024 04:31:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C5CC 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YoAaDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5257 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EC08 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a0d5f941800e4f984c3f98ca15fb91b2aa8582b1fd4541e58adfc2a0b9c9ca7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AP5y5jprXbkv1zInoEegYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-AP5y5jprXbkv1zInoEegYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Wed, 26 Apr 2023 04:31:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ Frame 73CD 354 KB
119 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936851f622747914f15a9547605ed5cf26294da1faca060994eae68ed93c6784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121815
x-xss-protection: 0
server: cafe
etag: 13341266776216465354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame B166 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:21:52 GMT
etag: 2378337311435320485
expires: Tue, 09 May 2023 18:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 00BE 24 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
URL: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Apr 2024 19:36:07 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 00BE 136 KB
46 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Requested by

Host: 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
URL: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2809132aede15fcb98cef21630e2a17320c10be4dbf97ee3cd86cbef5b8fb478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
Origin: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47248
x-xss-protection: 0
server: cafe
etag: 12614136318973988747
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00BE 158 KB
48 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
URL: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 89C2 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00BE 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwIoXSy8iPT3IMatuyurcB2yopA75FkE6JVlJorI0OiIY1YG7tg0fREMLCKj-w5TkBnNhn-VXt24y06VL2tpUyGlZNlyCn8nyrSajskOCHuwuBsGTjosvBmHTLNhDqH_skL6Ng2bFuq_tySDxbuiIueYcqGdOzjjVbU1UCRDkgzcUzRpQrBoo0RDVo2juODQS2oo7FPfaIgfIyJ4zCz2QaDefthCIX5w6Ba7l0LgBFJXrUpeMQxKW1xKOJ1j61PN-hKrtN3PtGw6qMT1s28g6c-QP60FxP3tv21uYgdDxHiuq9HpCEOmFmlrtHiEH2dA&sai=AMfl-YQzCJPWvhza8soyTuR9XTl0v0FcZaCRyqWsn1qWiVeqw_ay56LcgRL1K7ucW4_Z8RmTdXJD5y-NiLMQrpRr5qQXlYxeQJGe756kG5BOcLdkNMzIfoqb-UhsE9cEqgE&sig=Cg0ArKJSzCBorkRjjWBTEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
URL: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC08 0
0 42ms
41ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=1102400215881490&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F05 13 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A196 783 B
537 B 22ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed1d7b2b5bc297e4a954e93d97f35663883b25bed8d7cd349c794f37942aca81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AO9DWeIxQX0WUjtiOUPP6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.xuite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-AO9DWeIxQX0WUjtiOUPP6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
expires: Wed, 26 Apr 2023 04:31:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5257 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/ Frame 00BE 354 KB
119 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com&bust=31074129

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc8c5ec9910d59c97223cceffd7d38df4c15d5663da15b7ba53c37f066437e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121894
x-xss-protection: 0
server: cafe
etag: 15335085078311189935
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
DATA 200
OK truncated
/ Frame 00BE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5649231b54c32ca453f196d05e83d320f3b8fa7d3cee6556e8566a59605dbe30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 73CD 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVrp32SJO1wFW41TOB185FCc8YnKpcBuqjVWwxxXy2Uto9a2mKW7VvSjRm4DNm70Ikwq1UhIOPdlPrSk1OHxnVbq-3XT1St3O4XK1bPIiMtyQi76Xgmj0Fi9l76oe_nL1gBkW9aKn1LHbqFQNc3-M-ddRsb5nLXj4kc3H0udVVvFMbxnz35PvKm8dikXEYDVQOX9I_Y4fDg3QvHjjpDOuahnKNClMvRoecjySuV_iusiPPhI7Wi5ZRdHCX2RN2S_XPOUecmetmwxXICY7x98i-v5rrCk7FSTPdVMbtkFA12FFy4VFZxPhcYXbjEoV2GGiF&sai=AMfl-YTEqUtntdKYwklo__LiWUhjvV3GtT1QobEzBgVbDprZ6J0BK-MWKktp7OVius7UAjReV3yNHVAjVmmk0HUCXuNi4Q9A9mt60KBw2Giopidu8ZeFLo5NjdY2QXn6wo8&sig=Cg0ArKJSzDvYVk-KqErxEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 73CD 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 73CD 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 05FF 241 B
144 B 88ms
85ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=3407277752&plat=1%3A147968%2C2%3A147968%2C3%3A2163200%2C4%3A2163200%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=4&bdt=181&idt=160&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&nras=1&correlator=3155737722588&frm=8&ife=1&pv=2&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&fsapi=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.oealozbwolze&fsb=1&dtd=187

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c36d58272887b76151e08692a9c11a9c854bc6ed910bd5e4e557967e13d4908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 73CD 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ae9039a1f44cbaa4367a5905cede5e638f0fb832f78ddd83e04fc602e25ed4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11132
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58EE 100 KB
36 KB 536ms
534ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862041&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=2&bdt=182&idt=167&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3155737722588&frm=8&ife=1&pv=1&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8io6i16s3sqr&fsb=1&dtd=201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be5164042bbe3667df7ae91284e38cc73f92226265ea45ac19cdbe39e417aa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37081
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 73CD 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A196 0
0 41ms
40ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=2605752775090111&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F05 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 00BE 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgnMUYQJhVv96VzLCwykxe9WSxvt3VMNsGO5WJb9yLmA7v-Di-2HhcWETPna4qO8Rx7OQ3Daa0RxrRvwqJFsAyWudQvLytLk7D1D7-Y3WfnqnZSC2qrCbovI9A0Vtd-Vjd3KRqHZyrxqDGO3TyjdfkW-VMaDPq4ai3XxjbTspuSjParVhbdzQ887QNiga2Je0kvyNA-vWiTm_2TcXHCZTJATGI97hCD6McSzrd_Px7GYd4XrtA1TycBYG67Qcs-n1CoJh0YTkFL4t_hKevKPmWySzqqaMLAFcsPwzslu0FYepKvKpPyH_kMdchplw4ggt6&sai=AMfl-YQYN5jLztOhs0bayaeJX6wwFyg8KxGJ2R7u6qQ0oIac-ZswasTR3LFtz37mSMOD72HcmTEJkQ1Lg8HH9Nv22bwoayPAuKt7sZh0zUPzA0PJE3Si8oYKOwf_N8Ye2gs&sig=Cg0ArKJSzBJ85AQjFOGDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 00BE 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com&bust=31074129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 00BE 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C429 241 B
144 B 197ms
196ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=3407277753&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=4&bdt=170&idt=250&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&nras=1&correlator=1587344582571&frm=8&ife=1&pv=2&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&fsapi=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.2iu2vbwvq5yf&fsb=1&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c36d58272887b76151e08692a9c11a9c854bc6ed910bd5e4e557967e13d4908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 00BE 15 KB
11 KB 56ms
55ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ada169b3486992c7f71b99d8ee1502ac48aa917817d23bbc8ace6ae980bb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11405
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9372 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DF1 783 B
536 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d9f2808a3e86a43d8a654a45db532330b9a4c1d299933d5213dbb1565773e9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WT185MIaSzA_p9wi0qX3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-WT185MIaSzA_p9wi0qX3PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:05 GMT
expires: Wed, 26 Apr 2023 04:31:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABA6 101 KB
36 KB 509ms
508ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85403620c375f5f47d9b5a972e9a316e42f14e126e9f90d6dcb2e1746ef530ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 00BE 17 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 04:31:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DF1 0
0 47ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=482586183434574&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9372 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F478 13 KB
5 KB 11ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 18:48:45 GMT
expires: Wed, 24 Apr 2024 18:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CC6 783 B
534 B 20ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c80f73e176369abca032dc6bac16dc434a1cbef8edbfd3af2ac611168e225fcc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rAv13-fe1CWXLSjmMpCMNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-rAv13-fe1CWXLSjmMpCMNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Apr 2023 04:31:05 GMT
expires: Wed, 26 Apr 2023 04:31:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5257 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GivvHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304240101&jk=2601527891030502&bg=!JySlJHDNAAYfNdXmPzU7ADkAdvg8WpaVurDh_kmnBM8buDDTmICXNze3A3FE_GDEJ5WLDsk1mcXQUVhMtKmrsD3Z51VhoO_KZXMCAAABCFIAAAALaAEHmQLlbcDG4azAhmHc3GLSv4mNxN9D3oqQvy4Ao4GKRJpLYTy3jP5u3nd4Fug657DG0ttXWhiET1v05zUDbhOQNcQG6ERcy2nq9gG-km1u4V_aHBGL9fICX9RfxwhpU3zPEfeeZql6g6eTPp7cs83bdHBvJYFp109Lp8JB5quqR6o_A1c0dpbwVw4bE8aShh2UOGDDkQ16vKd4TGyN-YfhMlaNpOXVyBcPTPX9c_qd3BQ1KMXJhi4Ka6ebQ_s0zIu7fM2KH-OMRTr4k9uIqZ_2Giqzbbk-8RGxrUnwIry1pxNC392gYP2-vnd0r7lFbCqjTlfeHPLHAvmNALa5VxJyFThn9aWmjvGbvs97X54hS1ymvnyr3CR-mfE2kDpVYLSdqzYGoSwsLOHWfgWEkL8mWEbVkpIYsInuCHkHOQo7j4ZA6xvnjsQjrKxlBLzKwUBtFuZIIE5uKjwEZMySzZYLrWZXLDU4hBU3dfBCWyqFgdoXIEuaSa7iM7Qi7DjdPzYQh9jj0EaZ6Ou6S1iNAc-DF-lrNdLkJwI0esUOP2Kp3Wwj5lRe2Ae3_Dts_BfjGHO43TJXhIzP5j8Ww1eQc3afjDeW9HW0ywMBCGP_8X0Wxka6dsNOz-Ih9cfKcMBjmH7ieZpEuj89Wvl1ul-pulhRhf2UN25XuYNk-axAOWSgLWlb2qVSM_i3Lk2pVEmqRxM7khKygQXYitTUaBpeg6oPMAo0uiO9rteRm084rxdAi7o18RL7rodKfx3PkPbJ0Wkaydv0-H7zQBALHekLHBat8ym2o2JRElhmFEgmFbR62oqqhexQH4HpyRV0TI537Y821BjWVN6nwQ0t0_pzMKZ3iMhN2T1FIj319LekgBT3m0o733ZM7ro8lB-Myti5DbPR2DGsJgFbkgjoeSfK9-TUxgIRHxyeHsdQ-R0S7l4i_GFiWmPhS8lyX6bx0pjliN5G9Vl5ZOPyLYdTHDJX4NRGb9UKdgAQQT4G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.xuite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CC6 0
0 40ms
40ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=569489871240521&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F05 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IW3xLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame F478 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9372 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KZurSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 e6ca7bffdb571b122f7e2a992921a2d5.js Show response
www.gstatic.com/mysidia/ Frame 58EE 8 KB
4 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e6ca7bffdb571b122f7e2a992921a2d5.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862041&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=2&bdt=182&idt=167&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3155737722588&frm=8&ife=1&pv=1&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8io6i16s3sqr&fsb=1&dtd=201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3681
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:48 GMT

GET
H2 200 4c337f9a7ad795df07d5c5a50dffb0d5.js Show response
www.gstatic.com/mysidia/ Frame 58EE 9 KB
4 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4c337f9a7ad795df07d5c5a50dffb0d5.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a33fd1a1bd68e80e3e361791bd30eece467824d66669d1f78be8925d78d2baba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4065
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:44:24 GMT

GET
H2 200 3f4d05c2ee4f6e8df89808e39016b993.js Show response
www.gstatic.com/mysidia/ Frame 58EE 18 KB
8 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3f4d05c2ee4f6e8df89808e39016b993.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

10bdc8e2d25f3464c817905c4905f33c69f3632f96645d04ff095a39daa040e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7550
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 58EE 9 KB
1017 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 03:56:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 04:31:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 58EE 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 16:42:18 GMT

GET
H2 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 58EE 6 KB
2 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:44:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 58EE 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 16:42:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 58EE 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 18:48:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 58EE 19 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 21:21:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 58EE 0
0 16ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfPjMbVM0zM3GY_awlglnKvrz7N5fo2y0nLWpRSVXbpRAK6dHWw0j6asYRhEZr6vfZnIUXwLL4WKd0384K-PIkvl7fwQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862041&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=2&bdt=182&idt=167&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3155737722588&frm=8&ife=1&pv=1&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8io6i16s3sqr&fsb=1&dtd=201
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58EE 158 KB
48 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:05 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 58EE 32 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58EE 0
27 B 44ms
44ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f4d05c2ee4f6e8df89808e39016b993.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 58EE 0
0 53ms
50ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj-zKCKlIZLm-NYeE3wOW3L2QBZPAmc1vqaz576sRv46L2roBEAEg7ISEf2CV4pCCoAegAaTdmosDyAEBqAMByAPLBKoE0gFP0NlPN1Bj-lDknzgTTykk8Rlf4BiMepltwpwYMWfjvuuL38uU2H88__ACUFhMoZ93l7ZKWJKL_jbEPOIibW3omqRPRePF_SX1pekdGErrVuZXqjRTtjizGTpfFCajWAFchv7ld1mO9lvnraY4bMOv_lMQ2f6ej48J96PiN6EqOUyyIwA90DYypevH83zfC9Xu96oMj-8K-B5bQAa0UMTCPmSSZ8WScJtISOAIp1lsPjseL0XpVuUfzZB6kq-pcvHRPfZHFbZ3dqSEuT2DN8-X1UvABPe33OWbBJIFBAgEGAGSBQQIBRgEgAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtuEJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTMxMTE1MTY0MDU1OTUyNBgA&sigh=NOBXoefhx7M&uach_m=[UACH]&cid=CAQSKQBygQiDN_TJjAZIMr5C3BI8P0EcIAcyhpHergMjZP5yJu787NS5tt2xGAE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862041&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464553&bpp=2&bdt=182&idt=167&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3155737722588&frm=8&ife=1&pv=1&ga_vid=2075625481.1682483465&ga_sid=1682483465&ga_hid=408251281&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3585592546&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C44788442&oid=2&pvsid=482586183434574&tmod=916870741&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.8io6i16s3sqr&fsb=1&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Apr 2023 04:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 148A 1 KB
647 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 12:11:52 GMT
etag: 48472445140208031
expires: Wed, 26 Apr 2023 12:11:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F478 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QU7G_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 148A 35 B
465 B 33ms
8ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOFrYi0lmjtKVH55awOzh6U&google_cver=1&google_push=ATf1kGOx93temgZMe1_OftBS2HXXbT-7-aB0lWh14hKMWxIXJFv0lOnU8BVtAkd32hxIidE6uxL6quTNCybGtxBw5GogT_hGxifxMYA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BEdGNNZnQxUFJ3TzU1&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu...

170 B
232 B

24ms
23ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BEdGNNZnQxUFJ3TzU1&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu1ppBuYi4Ysw1vHLYwVDcTWgoliX2TQOKwVM5u-RSkdFE3xHTUz4dPXYY

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Apr 2023 04:31:04 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BEdGNNZnQxUFJ3TzU1&google_gid=CAESEPa-JWnFDJmW_iz6SAYwCSA&google_cver=1&google_push=ATf1kGOMJjUPwG-BZFA77FKOJnMn3yqXc90abrRRviMsdeu1ppBuYi4Ysw1vHLYwVDcTWgoliX2TQOKwVM5u-RSkdFE3xHTUz4dPXYY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECh6gLoYH_lUUEHS5iQaRN4&google_cver=1&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8d...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8dVYDGE09NMpzuX-8

170 B
232 B

18ms
17ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8dVYDGE09NMpzuX-8

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 26 Apr 2023 04:31:05 GMT
Server: MT3 830 785530e master cdg-pixel-x15 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGONUfpIUaLdPz99d4_XmV6kjB-BI0qbzTrlnd4fT7e9tMjZuLcz1SGpcMxcJez5l2pNyAq_c3uRujt6BU8dVYDGE09NMpzuX-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 26 Apr 2023 04:31:04 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA7SRLgCTqv3X1QG0wr-qJk&google_cver=1&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9j...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjIxMTQ1ODI0ODE0NTA0Mw%3D%3D&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9jlXjS...

170 B
232 B

27ms
27ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjIxMTQ1ODI0ODE0NTA0Mw%3D%3D&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9jlXjSXq98znlvRkGg

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyNjIxMTQ1ODI0ODE0NTA0Mw%3D%3D&google_push=ATf1kGN_RtiOJXOGTWwcTFD6TtW24s_Ar22ZXOQ-0WIbafHRpUlyZlp1oMLnOkL9oVte5-kM7EGoOWsx2yqo9jlXjSXq98znlvRkGg
Date: Wed, 26 Apr 2023 04:31:05 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELAV7oqr26H1Q9m03xmN9Q4&google_cver=1&google_push=ATf1kGOuv4GJvYp3KADMvVqtklECC6EwNNDKf7R8Pj8GgoIUoCpkRXcNylLVg26_oy0zMZLrSXt8zM1kR7Xqu5_lE5ayMqW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuv4GJvYp3KADMvVqtklECC6EwNNDKf7R8Pj8GgoIUoCpkRXcNylLVg26_oy0zMZLrSXt8zM1kR7Xqu5_lE5ayMqWjP5avfqM&google_hm=eS13cUJxZFJWRTJwSGt...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAsy6MarxDzqJNGp86MD7ds&google_cver=1&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4Ryb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAsy6MarxDzqJNGp86MD7ds&google_cver=1&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75p...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0OTg4MzE4NzA1NTM4MDMyMw&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4R...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 148A
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELIyrxePADNAXA2dlodUDMY&google_cver=1&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6eqpbq-hxVUmrgXzs7Q

170 B
329 B

19ms
17ms

Image
image/png

142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6eqpbq-hxVUmrgXzs7Q

Protocol

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGMhCb06VkUQ6plilg-xrB6n3KKLnPVroHJQ6TE-fg4C7fQ5rYjskIggJ3wIgU-HtpJURqT6F0lPSIp6eqpbq-hxVUmrgXzs7Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 148A 0
130 B 50ms
15ms Image
text/html 142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoqLklGI8xtuI4ulpVllueMRcWw8Pb08dokKMmXsKcR5i521g6OESmgeD7oPjuMvaADmWo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 e6ca7bffdb571b122f7e2a992921a2d5.js Show response
www.gstatic.com/mysidia/ Frame ABA6 8 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e6ca7bffdb571b122f7e2a992921a2d5.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3681
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:48 GMT

GET
H3 200 4c337f9a7ad795df07d5c5a50dffb0d5.js Show response
www.gstatic.com/mysidia/ Frame ABA6 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4c337f9a7ad795df07d5c5a50dffb0d5.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a33fd1a1bd68e80e3e361791bd30eece467824d66669d1f78be8925d78d2baba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4065
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:44:24 GMT

GET
H3 200 3f4d05c2ee4f6e8df89808e39016b993.js Show response
www.gstatic.com/mysidia/ Frame ABA6 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3f4d05c2ee4f6e8df89808e39016b993.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

10bdc8e2d25f3464c817905c4905f33c69f3632f96645d04ff095a39daa040e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7550
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:43 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ABA6 9 KB
921 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 04:00:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Apr 2023 04:31:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame ABA6 2 KB
765 B 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 16:42:18 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame ABA6 6 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:44:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame ABA6 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 16:42:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 16:42:18 GMT

GET
H3 200 window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame ABA6 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 18:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 18:48:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame ABA6 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 21:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 May 2023 21:21:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ABA6 0
0 16ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzZXc5ljEgkAAyuoy0GLV0VeL87cYPmXkmzgw8jMvgTsxXHlnDiS7OZCDie9tcrQhJvW-7OFJ5fXta_Jy_ZqETKACZBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABA6 158 KB
0 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 04:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49532
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682335668691775"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 04:31:05 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js
www.gstatic.com/mysidia/ Frame ABA6 32 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 00:18:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 00:42:45 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58EE 0
27 B 40ms
40ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgosCAQqKG15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRANIQAAAACAmbk_MAQKCRAeKgMweDAwBAoJEBkqAzB4MDAECg0QKyEAAAAAAAAoQDAECg0QECEAAAAAoEDiQDAECg0QESEAAAAA0ADxQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAABmZkaJQDAECg0QFCEAAAAAgJfxQDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAAAAAOiKQDAEEhpDTG5panFyYnh2NENGUWZDZHdvZEZtNFBVZyIZdGV4dC92YW5pbGxhX2hpZ2hsaWdodF9tcygV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f4d05c2ee4f6e8df89808e39016b993.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 75C4 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 25 Apr 2023 12:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Apr 2024 12:11:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABA6 0
27 B 41ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3f4d05c2ee4f6e8df89808e39016b993.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Apr 2023 04:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABA6 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5_QnCalIZLSfBb72xtYPjNSywAmTwJnNb6n6k5aUEb-Oi9q6ARABIOyEhH9gleKQgqAHoAGk3ZqLA8gBAagDAcgDywSqBOoBT9CRyxOCKkgyWOzXWi05Nqw38CbnqxM-apmrCUclWtqM1Y9PmsHoTiw0TvnikAemgcO2lKL-LVU4hIjtuGfcBmdvyLILspBuo0fmDqWNJyYrhlWsulrEKIEDNmNBTQKUkpAxTQvuGXDic_kdlWla7pDtY1Vs8SLT7HAOxm7UJ6U1pTnURWN-WW1taWBOvfpbJxUgcL2wvRaWR6Yc6SHYF3HfTU2vJ1b7qYax2tDOrXNCEC8naZC_0eBUAaid-3G8LAhTG-Gw9Yme8ZrCiuTQq9TApyGFk1Z1sq-6Ipw3epDP3Q8NHK4CIvGFwAT3t9zlmwSSBQQIBBgBkgUECAUYBIAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMT4CNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQB0BUBgBcBshccChoIABIUcHViLTEzMTExNTE2NDA1NTk1MjQYAA&sigh=T1qtNhvrqak&uach_m=[UACH]&cid=CAQSKQBygQiDFnQ9eLZNClquvD6B4-vCzDMnSLf77sDQ0tu3YYwqaU_Ij5RfGAE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 26 Apr 2023 04:31:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C533 1 KB
0 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=7602614114&adk=5568029&adf=4198862040&pi=t.ma~as.7602614114&w=300&format=300x250&url=https%3A%2F%2Fm.xuite.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682483464681&bpp=1&bdt=169&idt=259&shv=r20230420&mjsv=m202304200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1587344582571&frm=8&ife=1&pv=1&ga_vid=385049398.1682483465&ga_sid=1682483465&ga_hid=462667576&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2662797462&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074129%2C44788443&oid=2&pvsid=569489871240521&tmod=441586002&uas=0&nvt=1&etu=ACE2iLSJCcHF7Gd3lwqvluQ_lvMnDA1fUsS14ZnvA7uAVxGdNklgt996tpaYSMIyLAcqm33C_RR23mIQpUQsmYZ7ecDT&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3eoxc1e442&fsb=1&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Apr 2023 12:11:52 GMT
etag: 48472445140208031
expires: Wed, 26 Apr 2023 12:11:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST gen_204
pagead2.googlesyndication.com/pagead/ Frame 58EE 0
0

GET
DATA 200
OK truncated
/ Frame ABA6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&time=1682483452251&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&random_number=13987281924&sess_cookie=8558267d187bbd4195ae184a9c2&sess_cookie_flag=1&user_cookie=8558267d187bbd4195ae184a9c2&user_cookie_flag=1&dynamic=true&domain=xuite.net&account=Q+7Ii1a8Dy00qI&jsv=20130128&user_lang=en-US

Domain: ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com
URL: https://ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuv4GJvYp3KADMvVqtklECC6EwNNDKf7R8Pj8GgoIUoCpkRXcNylLVg26_oy0zMZLrSXt8zM1kR7Xqu5_lE5ayMqWjP5avfqM&google_hm=eS13cUJxZFJWRTJwSGtkVFFFVFp2cVFYSHhMRG5UdDZzc35B

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg0OTg4MzE4NzA1NTM4MDMyMw&google_push=ATf1kGMsKZupgU6QPYf0ll6n0OqgW9ZrEuKnYPQ6g8IhdfAMzDGC2U8i-wRzPioTeaJ_POhY75pl4RybcGA__fTvnpeprOxJRuf_M4U

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgosCAQqKG15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9jYW5hcnkKDRAyIQAAADAzU1lAMAQKDRAzIQAAADAzU1lAMAQKDRA0IQAAADAzU1lAMAQKDRA1IQAAADAzU1lAMAQKDRA2IQAAADAzU1lAMAQKDRA3IQAAADAzU1lAMAQKDRA4IQAAAGBmBlpAMAQKDRA5IQAAAGZm7oNAMAQKDRA6IQAAAGZmEoRAMAQKDRA7IQAAAAAAKIlAMAQKDRA8IQAAAAAAKIlAMAQKDRA9IQAAAGZmRolAMAQKDRA-IQAAAJqZrYpAMAQKDRA_IQAAAJqZrYpAMAQKDRBAIQAAAMzMAItAMAQSGkNMbmlqcXJieHY0Q0ZRZkNkd29kRm00UFVnIhl0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0X21zKBU=

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.xuite.net/photo	1970-01-20 11:22:33	Name: sitemaji_tab Value: 1
.xuite.net/	1969-12-31 23:59:59	Name: XWWWSESSID Value: 6er096l1jbjms2o6m9iu0stpu3
.xuite.net/	1970-01-20 11:21:25	Name: __asc Value: 8558267d187bbd4195ae184a9c2
.xuite.net/	1970-01-20 20:08:25	Name: __auc Value: 8558267d187bbd4195ae184a9c2
.xuite.net/	1969-12-31 23:59:59	Name: FOTOSSID Value: k7el91tp3a1f9bi72d1dusqth0
.xuite.net/	1969-12-31 23:59:59	Name: referer Value: https%3A%2F%2Fphoto.xuite.net%2F%40ack
.ssp.hinet.net/	1970-01-20 20:57:23	Name: uuid Value: 328f500c-a998-2507-6475-c635d9f959e9
m.xuite.net/	1970-01-20 20:57:23	Name: adid Value: 328f500c-a998-2507-6475-c635d9f959e9
.xuite.net/	1969-12-31 23:59:59	Name: XMYSESSID Value: 0ue6kocbqrenrpdpfp4ufmglq1
.xuite.net/	1970-01-20 20:42:59	Name: __gads Value: ID=da2fb21a3a5b9077:T=1682483454:S=ALNI_MYhum1NIHnMwbEqgyhI0LAa6g-JnQ
.xuite.net/	1970-01-20 20:42:59	Name: __gpi Value: UID=00000befbd2d964f:T=1682483454:RT=1682483454:S=ALNI_MbYdeDnMLJdIxlYBBc0uOU1WTYqxA
.doubleclick.net/	1970-01-20 20:42:59	Name: IDE Value: AHWqTUmjVGeXJXKZR6ormYN2LHETvchN6S-ccHpAtEgqv1OPTJqbaVtlMs8D2dUwKSI
.doubleclick.net/	1970-01-20 11:21:27	Name: DSID Value: NO_DATA
.tenmax.io/	1970-01-20 11:22:49	Name: wt Value: 1
.tenmax.io/	1970-01-20 20:57:23	Name: uid Value: 23dc6720-e3eb-11ed-87a9-11e3b763f4a2
.hinet.net/	1970-01-20 20:57:23	Name: uuid Value: ac1ff8b7-b3b0-417a-81fa-d3438196afb5
.xuite.net/	1970-01-20 11:22:49	Name: _gid Value: GA1.2.1156855063.1682483459
.xuite.net/	1970-01-20 11:21:23	Name: _gat_gtag_UA_6679755_11 Value: 1
.xuite.net/	1970-01-20 20:06:59	Name: __htid Value: ac1ff8b7-b3b0-417a-81fa-d3438196afb5
.xuite.net/	1970-01-20 11:21:27	Name: _ht_em Value: 1
.xuite.net/	1970-01-20 20:57:23	Name: _ga Value: GA1.1.1059259457.1682483457
.xuite.net/	1970-01-20 20:57:23	Name: _ga_5NKYZNCRDM Value: GS1.1.1682483459.1.1.1682483459.60.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=giftcn%E7%9A%84%E7%9B%B8%E7%B0%BF%20%40%20%E9%9A%A8%E6%84%8F%E7%AA%A9%20Xuite%20%E7%9B%B8%E7%B0%BF&time=1682483452251&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fm.xuite.net%2Fphoto%2Fgiftcn&random_number=13987281924&sess_cookie=8558267d187bbd4195ae184a9c2&sess_cookie_flag=1&user_cookie=8558267d187bbd4195ae184a9c2&user_cookie_flag=1&dynamic=true&domain=xuite.net&account=Q+7Ii1a8Dy00qI&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://my.xuite.net/error.php?ecode=404 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	Message: Refused to frame 'https://xuite.net/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

186f7f3e2535fdc768e99a97a3c0ae0b.safeframe.googlesyndication.com
3a1d2d2a2aed2dcdc585d6030b5a47db.safeframe.googlesyndication.com
4.share.photo.xuite.net
58788eb57333f452c81cc686e7f9c3a3.safeframe.googlesyndication.com
8.share.photo.xuite.net
a7fb1c1893971a52e0ddc710bc9605e65.profile.dfw56-p3.cloudfront.net
ac1ff8b7-b3b0-417a-81fa-d3438196afb5.t.ssp.hinet.net
ad.sitemaji.com
adservice.google.com
adservice.google.de
avatar.xuite.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d31qbv1cthcecs.cloudfront.net
dmp.tenmax.io
dsp.adfarm1.adition.com
ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.xuite.net
m.xuite.net
my.xuite.net
onetag-sys.com
pagead2.googlesyndication.com
photo.xuite.net
pm.w55c.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.analytics.google.com
securepubads.g.doubleclick.net
ssp.hinet.net
ssp.tenmax.io
stats.g.doubleclick.net
sync.mathtag.com
t.ssp.hinet.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xuite.net
certify.alexametrics.com
cm.g.doubleclick.net
ee9383cbbd53639f445899647e714c3e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
108.138.17.30
108.156.208.43
142.250.74.194
18.198.82.46
185.29.134.248
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
2001:b000:1c9:7600:0:a:d23d:3818
2001:b000:1c9:7600:0:a:d23d:3822
2001:b000:1c9:7600:0:a:d23d:3826
2001:b000:1c9:7600:0:a:d23d:3827
2001:b000:1c9:7600:0:a:d23d:382a
2001:b000:1c9:7600:0:a:d23d:3831
203.75.213.47
203.75.214.136
211.21.190.218
2606:4700:10::ac43:1755
2606:4700::6810:5514
2606:4700::6811:180e
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
35.186.215.140
51.75.86.98
52.163.200.170
54.70.8.72
85.114.159.118
000a1455a985b835836daeeccde14c23353c73074b698b72e42314811a450ae7
033dc512c8e08219e66bcdd1f6642346c18515bd5a1e25f9dce3a5955765dd42
03cd6a884b2b12d27d778f94d2b2f0379af4589598a74114aea07ab98610e7e2
04c45b5d784c894b92dd81dfb767f63fac32ed052b67e0ae775990d84f5be793
0622a1942192ddc4601c3c23a0ed5889f6d5c0a17a0ac21a1aafd7c8fa9d4f6c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10bdc8e2d25f3464c817905c4905f33c69f3632f96645d04ff095a39daa040e9
11d575c2cf05f9d0b10907559c4ab8df9254d2f23bde2b24fedcc611779394b4
14b8ace812e70ece5d61dd2204bde47e842590669e14f5e586e9c0ad4141d15f
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
171984e9c2b5e0888ce0281278b19a277f81eb3b6d1897a7c1ee570a0af42818
19f40a54cfa520620e351fe14309a3086fe588375e0127831390b1addafde0b4
1ae9039a1f44cbaa4367a5905cede5e638f0fb832f78ddd83e04fc602e25ed4b
1c36d58272887b76151e08692a9c11a9c854bc6ed910bd5e4e557967e13d4908
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
2496f1b76aa46054edab81ea47cf82ac2d94a0189d71c9ca36c41fa3370cf694
25f02e8a90158baa2b99fae0c81b6e22497d0edb1eece324298edaed00a63847
26a08019e4ce5c38e2bc902f0fdca6acba1edb884cc9e1deba30ac97e3404eee
27b581015428d488e994e4b19cbe263be0a07de9ca0348081ca2b3039aa1ddf8
27d79ea6ceaaca72e7518f33ab48c464446d34ddc423672873d5b7da579b8359
2809132aede15fcb98cef21630e2a17320c10be4dbf97ee3cd86cbef5b8fb478
2d9f2808a3e86a43d8a654a45db532330b9a4c1d299933d5213dbb1565773e9b
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2fb05a3796aaf028914e671514d248d38da27fa83b47b9efc7b6c89e4bed2523
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3180c8de11697f009324bd59f3c0ed63b4cfefacc330378c545c8924f51e42a5
33ada169b3486992c7f71b99d8ee1502ac48aa917817d23bbc8ace6ae980bb2a
346e080709efb850c7b344eb758587a4e1a9982f4336c9683e751cf8c34b3f3f
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3734c01100f54eb39e2612827645a197465b209f0b058efd22d2aa04f34fb66c
3f168b1c291e8b956e27d0906f7f4fd3cb78e8972d0d1a486bd0a6890e335052
3f5de69000dbb5c2b41ad075649414124bd899d03556bf02d6a808adec9b3755
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
4053b8be0c3cebc6eaf53846388ced7643b93f97e882a19fc4f3012b471c2613
4097c4bdb4510938b64c56b104c3ad7671a70df53562a33ee0bd90e01e6d4bbc
41f5e63f37797d4b6d51861ea16b24b64d474f150846e357e378939679e912f9
41feb9d42dced3b79ae2f422974c19716d5b74f6c349197801a238fba15cd43c
42e7bcdaa529e6e09c92c814bed3643db8ac5abc749e0613eb306d947ae2ef26
433fefa329fc4fd0704d951d4235c6ce4a93082b42fc9e6eed841bb42ac772c4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ef2403c92cdc317cd662839c5ed629e93b7699a8f4a294b0c3ad0373080e4a0
5052955cb4161a4c84f8abd64730052dc4cca5faeb2f67d9d96bc0309a382258
521135327544c4cf613c37d1c07b4a0ed9308c4a7870e7712bd1aa6135377315
527d7ed0846e6a9e665e4695cb93e64da6c85e587c8dc9fbbc935d365da989e1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dcf16a3b1684b1a7100e7281c19551d0c01c889cd8e81dd633ee20355806ca
5649231b54c32ca453f196d05e83d320f3b8fa7d3cee6556e8566a59605dbe30
5755e32fdb5c6118567bb9da683395acea5243a3a262da8e1e8f6f40cabfc21c
5bc7091263cb6db8b33a3767fa3cd09abb274cf47100f9843542d9fd79e86cef
5c4793b29a26b4c5407744cc72a5d5d9e5cfdedfcd60e0eb19f444364d8f4e9f
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
603a301298a13fc52aad0edf46700d46d9a53c6f3994a68587ec938c2ebc8e7c
607b6373b529d07da80e5c0bbce46ea42f08f93c3c0d5c26aa231cff4a2d80a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
671485b0714fdbb8c1c7fd0d2e632f0b183e62577af1fc2dc38933cb8bfb46a2
69003d042b0fe1ad1d39729251bf7fe9ef557e97a4c36af8bb20df5488bec9ed
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bff9298bf01888165fe94f4a8fb3402689e928df9a4a7f0a6477060c424cc62
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
7009ca6cdfe65e116dd86c97db4d3b3298cd50442cac6a59889300221d4dedd2
71588afe887b74f7d43d82b092b6d41bc8cd196d86e77e7b1acf79c7d4724b9f
717de370036c8ff23c0e7c3bf7f7b4b9fd06b760b9f5cc257325fc0ecdfed345
7182e8b6a6ce560ce174702b501b77a020a7549d779ebf07d522d32a1d91da06
723ef3cb4cb1680d448ebd4351b1fc349ff084ce1f4d8623ffdaec81b223d659
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
79159c859ad82bb982f7f91b91d4b50cf81faef5611aca61321908c656ebad6e
80f19ce2563bc8d8a93f7e282613a2e6958acb727b1a50e8fa5092191fa4e66b
82e489102b53928b74f6822a8be9f03c7c974e26096c55d4832c61b13baa7771
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85403620c375f5f47d9b5a972e9a316e42f14e126e9f90d6dcb2e1746ef530ee
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
86c31a704d681965da138f8ac4fcddafee32e4f003c8b431dbf4156f5126d1fe
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87e1d258d9c432e35c3914756f28cdcd86debdb40e7b2b6f8e8c9470c1b7db11
8eb83cee6dd625918a96ca3445cdc8ed2b1b2a842f09655d64a38107452a13f0
9137b33ceb0e8b966c5942abeff0ff11670e36afe176b73480fc24e7f214632d
917e19af2f131aac8cc5eb1b1229ee7ba17ee2f8180e5a478c6cdb68bae57f89
9346c9fa1638e839d87b92dd3357e784b9a8519bcea507bc51df392a2b8e8ac7
936851f622747914f15a9547605ed5cf26294da1faca060994eae68ed93c6784
971e05265ac733b8b680ceda40289532d70d3969ced9102074df951b8ca4d8b2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac0eb7eb5813ad3a082734f295f95fa59e6cbe8b1ff48e4bdb3de2b6eeae2a1
9af4ac939788941258ab9fcea9615228956b9646ddfe68c7dbd4ea27d4944134
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d662dd3b94f2b007efa2c38cebdd30ef8912dbb7085aecba5f3e0c22a08d912
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d5f941800e4f984c3f98ca15fb91b2aa8582b1fd4541e58adfc2a0b9c9ca7d
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a33fd1a1bd68e80e3e361791bd30eece467824d66669d1f78be8925d78d2baba
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ad5737b5a8964d028d34fcff3417cdba292f19572d75b302e64ca1aacbc9de
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aba04cd4ec1f9aa3c9b0fc1067d2679357c451515ea586adeef0032206d9dd9d
abe033cde729fd8232f9c535e87c859c867338fcf0bde0d7e3c52e8ac9f56bbc
ad0a39621bf5001da6d629f89a5d36c3d1084d08d0767989e45db88b0f1deeef
ad453851d7d827829599ea086e5807e3ddb9e619bf07985800b4486ea5a2dc35
aedc8dde3943b71dc68535bc49e008bddd5013edc62003d4db6290e1455c8bba
af173ec8a01336891aef40e947ad8cecbaa7a904316a413a207b13e7791660b8
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b0a666339c4762f899d6e88d4d8bebb0ea796ab5cbbae70c26e86f0a59fef95a
b3876ea3280559a56204fa578c794cb8fc4967dc74c026c0ebeb8c2ee88276f1
ba2d99983779077cf8f28146ae97fc3681861dd8a20c22636bff07a2505f2398
bc58f7e7a0ed86c18a0574ae23296518dd60cd08ed97265361b1be2faa8fbe91
bc8c5ec9910d59c97223cceffd7d38df4c15d5663da15b7ba53c37f066437e06
be5164042bbe3667df7ae91284e38cc73f92226265ea45ac19cdbe39e417aa73
bf28bf1749d5f6ac054b55c31c4f1e89bd3105c8b235cf4a4773100e8beda2cb
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889
c3a23a02036d60ca831a506443e35d740f91a81f83063c0bc077c1be6e641d70
c80f73e176369abca032dc6bac16dc434a1cbef8edbfd3af2ac611168e225fcc
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce054db0c0f550f92b8ea0d11208c80694f9d678c43ba731b73ae1ba4732f5a6
cffa52d10d8eb937b1051b55f8b44b1febf5a7c0fcd9d6c453c16cee6eedb772
d41229f369557405de5b218daad429dd8216b8cfde394c3cd088c5002c998de7
d9a711216bb3a73145b689a5455848b75413343208372f526d9b6d9e6bf324fe
dad5d636a7b661a2ad40cb137f4accc1e7d7f35faa2ebaeb9672c94389ab1184
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1
e0fc8bce45a5810a6475ef9553197f1eaa70fc83abf3abbe2a7595d10c4dfc46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57bd5b5c4127dbdd50f12387075e7aabf8a78bfecf645696de0df4693b73007
e7a386d5a9b03e771e0bdbd9709c214d7a4ac83d0ff286389205617277a4904a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea541769687eaa4727495d75c9d4757958b91519c10389d1e2bf4a7e42bae49f
ea90c0fd1b81888f4172394db78c8f26cd89955dc3aa4349027e04523781deea
ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce
ed1d7b2b5bc297e4a954e93d97f35663883b25bed8d7cd349c794f37942aca81
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1dc8df81050d1a12d0d74135ba780d69fa02bfe2e51713e92b90c928975279
f125ac911d1ba7e0f09ac1f7490774eedb4fdf389d5ea40d2c2892c9021c90f1
f1766735c8e21bd8344629f90c9dab505b091fa2bc1f1685463a942e1ebe9079
f1bdecf9ecfac173c92815a51ce116d9a5f207579896e2f5577c2a87ebc7a62b
f21107728ac96330e63532aa77821d19d298c52475815cd171c612284eca2eca
f23da9dc04eeabf1c364f80876a42eed13a8e3798ee5645b905f548baf9e8e44
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
faff7b2972ce0d9c1419bbd15f63968f626db9596767b3a600e08790394d860e
fb49df073803e8bae00ff3570018c17c5c96f7827200bcc774f0c44f219cb144
fc657b45c12fdf43a51a15d7b57e48311c47131455b019236a4f544d171909a2
fdce862761cf4a72674296f5f4cbc351bc56b5d9fcaf73111d8b1f768d929243
ff06a0e1ba317af0f26217e54d72181f3fff7b577bf7545f7026768a08be1904

m.xuite.net Open in urlscan Pro 2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

259 Requests

95 %HTTPS

68 %IPv6

26 Domains

49 Subdomains

35 IPs

6 Countries

3107 kBTransfer

8241 kBSize

22 Cookies

21 Outgoing links

Redirected requests

259 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.xuite.net Open in urlscan Pro
2001:b000:1c9:7600:0:a:d23d:3827 Public Scan

Screenshot
Live screenshot

Full Image

259
Requests

95 %
HTTPS

68 %
IPv6

26
Domains

49
Subdomains

35
IPs

6
Countries

3107 kB
Transfer

8241 kB
Size

22
Cookies

259 HTTP transactions
4 data transactions