kukuo.tw Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kukuo.tw/
Effective URL:
https://kukuo.tw/
Submission: On January 15 via api (January 15th 2024, 2:05:34 pm UTC) from US — Scanned from NL

Summary HTTP 116 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 116 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kukuo.tw.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2023. Valid for: 3 months.

This is the only time kukuo.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.155.202.187 54.155.202.187	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.30.50.237 52.30.50.237	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2600:9000:26d... 2600:9000:26da:e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f13:800... 2600:1f13:800:7782:9ae9:c110:4e8b:64b1	() ()
2	142.250.186.66 142.250.186.66	() ()
116	26

19 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kukuo.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.kukuo.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.202.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-202-187.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.50.237 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-50-237.eu-west-1.compute.amazonaws.com

jpmcbankna.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7782:9ae9:c110:4e8b:64b1 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	596 KB
19	kukuo.tw 1 redirects kukuo.tw matomo.kukuo.tw	4 MB
17	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	160 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com	174 KB
7	gstatic.com www.gstatic.com	62 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	148 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	googleadservices.com www.googleadservices.com
2	demdex.net 1 redirects jpmcbankna.demdex.net — Cisco Umbrella Rank: 19596	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9209	408 B
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 5812	457 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
116	18

	Domain	Requested by
24	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net kukuo.tw www.gstatic.com
19	pagead2.googlesyndication.com	kukuo.tw pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
18	kukuo.tw	1 redirects kukuo.tw static.cloudflareinsights.com
10	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com kukuo.tw googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	s0.2mdn.net	kukuo.tw s0.2mdn.net
4	dt.adsafeprotected.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	kukuo.tw googleads.g.doubleclick.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	kukuo.tw
2	jpmcbankna.demdex.net	1 redirects googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects kukuo.tw
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	kukuo.tw connect.facebook.net
1	www.google.nl
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.cloudflare.com	kukuo.tw
1	matomo.kukuo.tw	kukuo.tw matomo.kukuo.tw
1	www.googletagmanager.com	kukuo.tw
1	static.cloudflareinsights.com	kukuo.tw
116	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
discord.gg

Subject Issuer	Validity	Valid
kukuo.tw GTS CA 1P5	`2023-12-24` - `2024-03-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-01-22`	3 months	crt.sh
www.cloudflare.com GTS CA 1P5	`2023-12-26` - `2024-03-25`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://kukuo.tw/
Frame ID: 2C786B6DEDEC2659FABF838BFB80C0FE
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 6B9AB891D66DF3A9CE88808D9311408E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6066385171022240&output=html&adk=1812271804&adf=3025194257&lmt=1705327531&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fkukuo.tw%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.6&asamct=0.6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705327531471&bpp=3&bdt=4201&idt=339&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3286711463539&frm=20&pv=2&ga_vid=2008292766.1705327532&ga_sid=1705327532&ga_hid=1547923843&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C31080264%2C31080266%2C44795922%2C95320869%2C95320891%2C95321627%2C95322163&oid=2&pvsid=853625137885368&tmod=146938356&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=353
Frame ID: 6FF565C053640221434A4FAE13850248
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6066385171022240&output=html&h=600&slotname=5905498375&adk=3868324476&adf=3137160835&pi=t.ma~as.5905498375&w=200&fwrn=4&fwrnh=100&lmt=1705327531&rafmt=1&format=200x600&url=https%3A%2F%2Fkukuo.tw%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705327531474&bpp=2&bdt=4204&idt=357&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3286711463539&frm=20&pv=1&ga_vid=2008292766.1705327532&ga_sid=1705327532&ga_hid=1547923843&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C31080264%2C31080266%2C44795922%2C95320869%2C95320891%2C95321627%2C95322163&oid=2&pvsid=853625137885368&tmod=146938356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363
Frame ID: 9444BADCC194EB0CA46DFC6C8E7A47FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66AD4BB15E3D7F354192CDF5EE45AAF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C2BDDDD20D8D6FDA8E00023A13F5C01
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DDD3E17EB624E63E4B856F2481B68801
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C875C3F23853A4B7FA462F3E93364EFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQzd_yxgIY9-rn9wEwAQ&v=APEucNVaIBJDBkk7XrXjGXQ_ahqIGzOGXBvgX_dxH-ShGXu_2sA740Q-C99Gt2HkOWzY5pjHGY1VtTupspG2Sj4HT3SjTQ_rrdvMS268VeHbPjc3AspjZ-mEAQnxaG6wXeeBxrlsRK8aBKp8jix8dp8j6c7JEH-kM7mFNXD-2YFPWZUtlpUwEoI
Frame ID: E880F09ABCB6CD744BB1AF0FE12EFD5E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4CD17766069E6A6B94566C9BFEBC55EC
Requests: 23 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: B3513B514EDD442A90754EFAF2939FDD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65E1DD270F3EC655688E4AE35A7C34D2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: D9D31D433D090468C10E36852A600568
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5325B30BAC63C52DBA772290D9164134
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250
Frame ID: 882B201A54DB1AE324FEEAA971872FEB
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F2C86CFD42136F426AD5AC9AF5295792
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 502360E77DD2403FFDCB7825F6CF1BE6
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
Frame ID: 77F3BE3112E568CA72E6DDFEF64822C6
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 0BEBEA5A57D89ADD76C5B3399150BE61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ku Ku O 官方網站

Page URL History Show full URLs

http://kukuo.tw/ HTTP 301
https://kukuo.tw/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

93 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

5210 kB
Transfer

8050 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/KuKuOWorkShop
Title: FB 粉絲專頁

Search URL Search Domain Scan URL

URL: https://discord.gg/yJHfMB4
Title: Discord 社團

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kukuo.tw/ HTTP 301
https://kukuo.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaU7rDwAxP1IFpTWUlgvWQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENm9pTHVR2UMWyGGV_cTqEU&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Njg2OTQzMjkzODY4MTY5NQ%3D%3D

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990 HTTP 302
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990

Request Chain 89

https://fw.adsafeprotected.com/rfw/st/1376168/74274314/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015253484&ias_pubId=pub-6066385171022240&ias_chanId=1&ias_placementId=20871779973&bidurl=https://kukuo.tw/&ias_dealId=&xsId=ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK&adsafe_url=https%3A%2F%2Fkukuo.tw&adsafe_type=g&adsafe_url=https%3A%2F%2Fkukuo.tw%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-6066385171022240%26fa%3D1%26ifi%3D4%26uci%3Da!4&adsafe_type=be&adsafe_jsinfo=,id:b1eb72eb-d006-6366-4c93-cd2522c852cb,c:1nxkNO,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-mtmkv,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:132,mot:0,app:0,maw:0,fm:u1rmxrK+11%7C12%7C13%7C14%7C1511%7C1512%7C161*.1376168-74274314%7C1611%7C1612%7C1613,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:141,oid:25e75409-b3af-11ee-98f4-aad85cd771f0,v:19.8.473,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

Request Chain 105

https://googleads.g.doubleclick.net/pagead/adview?ai=ClN6LrDulZYM4iaOJ3g-8irtI-47Xw2_3qaGghxHa2R4QASDs5ucrYJEEoAGnzKPCKMgBCakCSoEp5l9csj6oAwHIA0iqBMIBT9BS3O50zqMu94i31GnucNIT-IL3QwXozVFEZtse2jIJeGRdlW5jo56xhUDzpwufU1CM1I6pOVUl7zCYRbYlV306cUmxHMRpoHZDnIDAMIrGDuc1WukwiccUYSYcObhnkchUmYieVzOlBEDdMcc5Lc4sBMBKUJMDQ9pPwyWR6kb4HMUcn3JiLjBAXpvuuAMDKsh0yUzqOCn9LIYe9u6BSO24Z2Q_H5LkgvCGno8hZZyZtsf4HpPyN1G6BGECaFh98tfABNWR59eRBIgFn-jw-kiSBQQIBBgBkgUECAUYBKAGLoAHp4T0oQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDTrgPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKWajI7I34MDmgkdaHR0cHM6Ly9ob2JhdC5ubC9maW5kLWEtY2hlZi-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjA2NjM4NTE3MTAyMjI0MBgA&sigh=jTWhJ88Z-4U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_4wokyYgr7Fv6j9R3qArsNcB7CzRVLZJfOGA0yXfQTNdvkonVdMQERO25YOqCY2ttF5Y2va6Bnwi45DUK8YN7pU2OrZ74NAfIYWUYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213367212770033821210%22,%22debug_reporting%22:true,%22destination%22:%22https://hobat.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210876413479%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217183259285452985393%22}&andc=true

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kukuo.tw/
Redirect Chain

http://kukuo.tw/
https://kukuo.tw/

14 KB
5 KB

828ms
792ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0431aa6b194d9981f42f678546c3144e36b6ea28ad73ccc311e13fd5c87ea527

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 845eac7079170b52-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Jan 2024 14:05:27 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfiuaAtDtOvpOLOTYpAijUrPHzhgDXR9xziYQcxcLd9vu6UlRXE%2BnTMlnFjvhDlSc8n43FQn6%2FhRXrmtvpwXmFsKtH5LChg%2FVZjIwWS2hHMAlhwhHwz9ck78NOlwjSdhHkRCl8eoEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff

Redirect headers

CF-RAY: 845eac6fbaa8b8d2-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 15 Jan 2024 14:05:26 GMT
Expires: Mon, 15 Jan 2024 15:05:26 GMT
Location: https://kukuo.tw/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pto6phRzJKMDZ8oqsM6Z1nW0wZzKPqBrbAcODjUPCbgcul%2FOAjNbHX6qWHAfC3aSaOwNlV1tyW7cKWqgYzd11noT4F%2FLQwZIRosn2AXjTSQVIpJn4ROOiPIjnUthCQKbsICpg5g9TA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
kukuo.tw/CSS/ 6 KB
2 KB 2364ms
2360ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/CSS/main.css?t=1705327526

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be15d6f130896844583f9c6e335eac4034c169fad300169df4fdacf4cff57798

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 28 May 2021 01:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"60b04aa2-1876"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64otDvwO%2FqU8tmLVeROYh6S0KN9L2cJ0bTwjaYhlVzYaC1KZXnDZttlQymewOpzNtwEBlaR4fdKozE%2FdnOePZYk6eVRmcYR2W1C%2F%2BEjmcrHWJPcvnRhq%2BL3k1kZEnPPqhrefEEi2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 845eac7578c00b52-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_shop_maker.png
kukuo.tw/minecraft/tools/photos/ 295 KB
296 KB 1706ms
1703ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/tools/photos/icon_shop_maker.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53dee09053cf1209b22dc12b61e64e80df42ecf88f5393c9124b852df52f7987

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 302404
last-modified: Wed, 11 Apr 2018 17:32:12 GMT
server: cloudflare
etag: "5ace469c-49d44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuWC6rC53K7iIBKQVEhX0Nsge2CDm0VyJytyeY0ncqucUOcplJE306evHiro%2BCP0jxZvp271CRRFLti9rcvYcvRgfLlvRs0jpvyq7mYmGmFqAMkwNP1BUgTOSSLOrm58z1vK5MYXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578c20b52-AMS

GET
H2 200 icon_spawner_maker.png
kukuo.tw/minecraft/tools/photos/ 324 KB
325 KB 2254ms
2251ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/tools/photos/icon_spawner_maker.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74fcda6164823d4e17663bf4d3dbe155a12cf28138fb2965013fe78878c4e05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 332111
last-modified: Wed, 11 Apr 2018 17:30:00 GMT
server: cloudflare
etag: "5ace4618-5114f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WW36WAxQt%2B1oRlMRmL6yAkNLmGfkCZgWZhAZXt1iUqUfCp4vYq0WnlVltf9lf29XZesf5ptR0MXsJdI9CAwGoUIc4qc%2B4GT%2BolHp508qk45H41mr6UqK4i0KiM4UKjiOJrO%2BuAr2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578c40b52-AMS

GET
H2 200 icon_mob_maker.png
kukuo.tw/minecraft/tools/photos/ 292 KB
292 KB 1638ms
1635ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/tools/photos/icon_mob_maker.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c30bf523b9704198fa4901e63a56639c64ae3681cb86e75dacf5a9dcaaaf5de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 298525
last-modified: Mon, 01 Jan 2018 05:29:28 GMT
server: cloudflare
etag: "5a49c738-48e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNO6jWWaN2q1s5yRStVA3CBmdr5xdyLuldh1ZzoUijhOJV9%2BaHC9zPu8hBWt%2B9jHvghHkCqsSehXjOjTlVrsDtJFkDwWDsriRLV8V0CjkM7g%2FOTp3VA341L6wx90bWEMjP1oTLrFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578c70b52-AMS

GET
H2 200 icon_skull_maker.png
kukuo.tw/minecraft/tools/photos/ 238 KB
238 KB 1601ms
1598ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/tools/photos/icon_skull_maker.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cf687d536a445f33008c81b8a4a0f45316695b845d549e46edd32e3998d6984

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:28 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 243528
last-modified: Sun, 31 Dec 2017 11:50:22 GMT
server: cloudflare
etag: "5a48cefe-3b748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXIXlPvupczGfLjC58VZnpkhrQ70VESSHP8AvsHnD2AUW2%2BZUCAlaHuXl2BG3BcinqkyrchxAKreDrgQtt9cgVgkMlMJ8RAmnCArU68d40LR1zY3VdSlw2v0g687lSU1NdoXwtccew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578c90b52-AMS

GET
H2 200 icon.png
kukuo.tw/minecraft/map/RPG/drive_out_the_monster/ 231 KB
232 KB 2140ms
2137ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/map/RPG/drive_out_the_monster/icon.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7e921b3104dd273972df43ea6e6fe15f750d7485ee2f33aa7a8cb2b3bb840f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 236749
last-modified: Thu, 27 Jul 2017 14:46:18 GMT
server: cloudflare
etag: "5979fcba-39ccd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68cdbQg7ujyRqMiT6v%2Bn2wdPTvjbzOrDQdgyPw3s8Hf5CiGjr39PUJVRXsy956e%2FO7nB9AxOC2kztnkwpThW2%2BCMS4hKDRO3qTsi1NjFaRP4l8C2MOgSSclAEZfUqfRErJH5n3HJBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578ca0b52-AMS

GET
H2 200 effect.png
kukuo.tw/minecraft/common_teach/often/photos/ 387 KB
388 KB 2651ms
2649ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/common_teach/often/photos/effect.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

597e90f0ffa457ebf33ce6285e7ab08f9bfe26fda4e8a6fcc4567cacd2bd0401

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 396189
last-modified: Sat, 08 Apr 2017 17:26:48 GMT
server: cloudflare
etag: "58e91d58-60b9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocUpgE2AIiIPkjPB7XE8BqpD%2BhbvK1GJSfwEcqVOLAkbspR0GZ2H8BD5wxR%2F917UeVokKSXiDF9kffddycARZPEVYO4rZeComsU3%2Femug5u%2BuN0as6lXk6pyM972oHGPxx3hKQiwlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578ce0b52-AMS

GET
H2 200 fill.png
kukuo.tw/minecraft/common_teach/build/photos/ 1 MB
1 MB 2577ms
2574ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/common_teach/build/photos/fill.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995f056750ad0a9b363140d531b07d2b96f78e0d5391083e4c6f884606a886ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1352449
last-modified: Thu, 23 Mar 2017 07:31:00 GMT
server: cloudflare
etag: "58d379b4-14a301"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCXFtSLXjllJWVmbwGxq5XCumEMLk2v5pdpM8oF71jnPqMZuXEVLVDj19B4B51wqdNyOotmIQgc24RE7CGjuWEUG0wTA1fGo%2FO5K00I23P2MJ8AO%2F%2Bh3fRkUh0hb2RnjxVr201DvNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578d10b52-AMS

GET
H2 200 23.png
kukuo.tw/minecraft/server_photo/run/ 156 KB
157 KB 2159ms
2157ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/server_photo/run/23.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc2132b3b78cb5d94db249604f4796826a7196afa1aec9e9edf06dd68b0ce1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 159930
last-modified: Sun, 22 Jan 2017 18:16:52 GMT
server: cloudflare
etag: "5884f714-270ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIAGqSJYcR32VHQFrjFSZNu9c9q3AvyUgkLGkwwWv5OvK9sJh%2FMhLhmFovuLvIviPaWFo7QsF0u48yg1DpIm7oaKzVJITYpAuuJTeeSuR7m2lF4c4imeokB6B8T6AVfHrs%2FDYuaZbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7578d30b52-AMS

GET
H2 200 17.png
kukuo.tw/minecraft/server_photo/escape/ 363 KB
364 KB 537ms
535ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kukuo.tw/minecraft/server_photo/escape/17.png

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e084965368a4d0b4e7b7de39442e94ee4ed8ac47a28e0089d6763644d22cec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 371731
last-modified: Thu, 19 Jan 2017 06:20:44 GMT
server: cloudflare
etag: "58805abc-5ac13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlBBja%2FPOG4WhMgQFtMv15bYC3sViFWOpppi%2B1NNyqxlJS8BsAkH%2FBvLUJn%2BKYBgVJwF4vvYZd5QFfFjjpT3AUuo2VPd3MM6EyODxRT9uZVtCpaS%2FqowelUB2fwTyzjsKednf8akMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 845eac7588ff0b52-AMS

GET
H2 200 rocket-loader.min.js Show response
kukuo.tw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx151KaSqNUeY9V1yu5f3nBMuStg%2BHijejoC4HPV2MM8BhyDUXzhPqc7PrF1S4kNFNaqNH21AGnYBve5%2FgTUhAsaaZMNgitFoWwxa%2Bmahg3p5sZHa14664P8GYk3WM3Jb4w1n%2FVEqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 845eac7589020b52-AMS
expires: Wed, 17 Jan 2024 14:05:27 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 94ms
62ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: kukuo.tw
URL: https://kukuo.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://kukuo.tw/
Origin: https://kukuo.tw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 845eac75ad560df4-AMS

GET
H2 200 email-decode.min.js Show response
kukuo.tw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:27 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"658bfe17-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rholiF%2FxZsOHj%2Ba5m3iLSMKsRJ%2BQfa5ori0e4lTRs2b0E9Bv4fYcG%2FP0ihjBmKKKadxjQ4iu3sDKmj5eN84fp7xAqOv1LvuPPNFIamGckLaTe%2BRK%2F7RriLKg2v0Q1nK0MXv%2FJI7Xqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 845eac7578cc0b52-AMS
expires: Wed, 17 Jan 2024 14:05:27 GMT

GET
H2 200 mobile.css
kukuo.tw/CSS/ 5 KB
2 KB 2102ms
2100ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/CSS/mobile.css?t=1705327526

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

669add1825f3f007e1687e0f750cd68eb5eeaae544c6572fd75df7815f2c74a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 28 May 2021 01:42:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"60b04a72-148b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKwqiPUYYM5E3lVEfzlYG8oox8BueptIIbAw65ITQt%2B0ESjx%2BEi6BELXCqdRZjM7ZsaehMIbiGy7mz6ROvjTNj%2F%2Fs44YUNFyTcznLOgnqPq2UgjFThfoLTYBDkiOhXPklNG0kwWYqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 845eac7589050b52-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 83ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RC4SDMXYPC

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19fecbcd15a3b642a1e2525c8ea48662f83c4c18fc6b8db72ab255840df24d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 14:05:29 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 113ms
68ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6066385171022240

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b62253dcae8ba70c193adf071b5e2519813816a8176d6079f8291905cdf598b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Origin: https://kukuo.tw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51445
x-xss-protection: 0
server: cafe
etag: 6245440953963470674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:29 GMT

GET
H3 200 jquery-3.4.1.min.js Show response
kukuo.tw/JS/ 86 KB
32 KB 1786ms
1785ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/JS/jquery-3.4.1.min.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 17 Mar 2020 17:55:32 GMT
server: cloudflare
etag: W/"5e710f14-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIr28yGVcJo%2FU9cUJv7UOxPYd21vQzENXd0dNlTODv8awf3M%2BGjhVkMZ2hYv7k3iysHzpd7PUqIhlXNlpnzzeE69GCMtTTnlJow3rDLunQ8ky5mJncnzd9USNAWSjFzirxuMd8GCWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 845eac8459036709-AMS
priority: u=1,i=?0

GET
H2 200 matomo.js Show response
matomo.kukuo.tw/ 65 KB
22 KB 2230ms
2215ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.kukuo.tw/matomo.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:33 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-polished: origSize=66607
alt-svc: h3=":443"; ma=86400
pragma: public
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 07:15:45 GMT
server: cloudflare
etag: W/"65965b21-1042f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eaz0nxIWNbd5X%2BaKhXnCyaD1Vwi2lNHG%2Fspg47bxT1rLduZ0aCPxzs5UinJNjQwpfNp6BxFcPvXj22B96tMhKZDtbu7OtnHZJC9Y%2Fpv15yNHwnv6difSpBefVmL21HqjOX6iloGGaM6SIT0YMRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 845eac8fbc9a0b52-AMS
expires: Mon, 15 Jan 2024 14:19:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
3 KB 62ms
19ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc3224960c201d71ee7c96e58670188df30dd61e93c33bab4bd21ef2e19c6092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 14:05:31 GMT
content-md5: pGpKtV0mYbllUkT1KzknFA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: 0MshvK2LplmCB0XPuhIhSDWHdqLW06W9sik2Edoz/RDhxzGgvbzH9AESB9sFwbK1EQK3BghL5BP1IgEi5a5How==
x-fb-content-md5: 9f914baed4d858b98ad12b7619dd850e
cross-origin-opener-policy: same-origin-allow-popups
etag: "7a26e6ccc962814b20e267e8069f41a6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:16:53 GMT

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 325 B
457 B 63ms
18ms XHR
text/plain 2606:4700::6810:7b60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/JS/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc1c7a65fe3e2abda0e804b42f54895a060080221bbb8664fd18b323fd5df52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Referer: https://kukuo.tw/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 845eac8ffdfc6630-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 118ms
79ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6066385171022240&plah=kukuo.tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6066385171022240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b0227f45e3406a274fce5f61ea736b3a1ddadae264d51bfc97d8a1c7d775747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139387
x-xss-protection: 0
server: cafe
etag: 15025083133616000423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 6B9A 9 KB
4 KB 65ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6066385171022240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 62719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 20:40:12 GMT
etag: 9219409622527106327
expires: Sun, 28 Jan 2024 20:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 rum Show response
kukuo.tw/cdn-cgi/ 0
136 B 23ms
23ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kukuo.tw/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://kukuo.tw
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 845eac8fed716709-AMS

POST
H2 204 collect
region1.analytics.google.com/g/ 0
240 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RC4SDMXYPC&gtm=45je41a0v894034508&_p=1705327531458&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2008292766.1705327532&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705327531&sct=1&seg=0&dl=https%3A%2F%2Fkukuo.tw%2F&dt=Ku%20Ku%20O%20%E5%AE%98%E6%96%B9%E7%B6%B2%E7%AB%99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5193
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RC4SDMXYPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kukuo.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 61ms
20ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RC4SDMXYPC&cid=2008292766.1705327532&gtm=45je41a0v894034508&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RC4SDMXYPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kukuo.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 89ms
44ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RC4SDMXYPC&cid=2008292766.1705327532&gtm=45je41a0v894034508&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=315662633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 visiter_update.php Show response
kukuo.tw/tool_files/api/ 34 B
549 B 630ms
629ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kukuo.tw/tool_files/api/visiter_update.php

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/JS/jquery-3.4.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8352d908f5aeb35f901dbd0a9ff03a4bdd7b40d4de2c4b1ce08d48905cdf31ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://kukuo.tw/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er4iyJU7Sv43g97piJOtzN1RN8625FUYJ8lQ8OCkMdfC49eseQkOyIwfVArjZLEaNohEH7Uf6pliyVMslF79lHDRqvvfab0mBlt%2F4arOUUvHDSN1iiapYrI6LITyENofo3vt46AmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 845eac901dd66709-AMS
alt-svc: h3=":443"; ma=86400
priority: u=1,i
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 298 KB
85 KB 42ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=4bbfe90855383d3343ff418aad7d59d2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0acbf99dd9d85076aad9985fb3be040864feec88c232e0d71219badcff61c457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kukuo.tw/
Origin: https://kukuo.tw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 14:05:31 GMT
content-md5: CV8GbhGxWxLxdQvBc/GwfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87101
reporting-endpoints
x-fb-debug: mcGns1pmQSO5C6BhOubZJFBA3Si0ijdrKoCTfE6TczGREsqeZMpTV1Te8uP3WV8DsE2zORXCUBL1xYwBhs7y7g==
x-fb-content-md5: b708995dd84764837aeb19d74494937d
cross-origin-opener-policy: same-origin-allow-popups
etag: "6ebee9d0cf8db6e571fae9ad356285be"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Jan 2025 13:30:42 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6FF5 231 KB
61 KB 775ms
774ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6066385171022240&output=html&adk=1812271804&adf=3025194257&lmt=1705327531&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C404x810_r&format=0x0&url=https%3A%2F%2Fkukuo.tw%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.6&asamct=0.6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705327531471&bpp=3&bdt=4201&idt=339&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3286711463539&frm=20&pv=2&ga_vid=2008292766.1705327532&ga_sid=1705327532&ga_hid=1547923843&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C31080264%2C31080266%2C44795922%2C95320869%2C95320891%2C95321627%2C95322163&oid=2&pvsid=853625137885368&tmod=146938356&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=353

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6066385171022240&plah=kukuo.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fd313986aa66c451b23bd1e6360904d830074807c078abce882d3c2b14ee0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:32 GMT
expires: Mon, 15 Jan 2024 14:05:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
66ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ec1d32956af82b6bd7db7ef54371f451dfc4efbe838a6f03683c8950864f95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12339
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9444 149 KB
43 KB 1580ms
1580ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6066385171022240&output=html&h=600&slotname=5905498375&adk=3868324476&adf=3137160835&pi=t.ma~as.5905498375&w=200&fwrn=4&fwrnh=100&lmt=1705327531&rafmt=1&format=200x600&url=https%3A%2F%2Fkukuo.tw%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705327531474&bpp=2&bdt=4204&idt=357&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3286711463539&frm=20&pv=1&ga_vid=2008292766.1705327532&ga_sid=1705327532&ga_hid=1547923843&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C31080264%2C31080266%2C44795922%2C95320869%2C95320891%2C95321627%2C95322163&oid=2&pvsid=853625137885368&tmod=146938356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1bfd44b8bb88ebb8a37a7777ce5e4e8f5b9f09f3fa0aea00edc24e0c4907536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43822
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:33 GMT
expires: Mon, 15 Jan 2024 14:05:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 120ms
74ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 14:05:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66AD 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 13:11:44 GMT
expires: Tue, 14 Jan 2025 13:11:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C2B 829 B
1 KB 106ms
40ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

985643349b741390b4b2204caa1384aff3d270366f07abccfe5d523e569ee653

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W1itw8PHlhYjv808PnDpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-W1itw8PHlhYjv808PnDpiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:32 GMT
expires: Mon, 15 Jan 2024 14:05:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 66AD 39 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 11:41:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 66AD 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mwhY_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C2B 0
0 54ms
53ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=853625137885368&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a99458ec6d87c9846b8fa8e5a78893f269ff0b9acfcddf1f34f7903c3d4f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56407
x-xss-protection: 0
server: cafe
etag: 9582451261753473159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=853625137885368&bg=!RkWlRQrNAAaumcC-jpk7ADQBe5WfOHhWumlBaOjluzxbqESUXv1b5KRDlw4CiglD5NXecyKSpUwr9u4894T9nQSXcqoLAgAAAERSAAAAAmgBBwoAuMQ1vuxeNPGZNTtCHQLueTtkCqkFQiXqgKDY2L-YBjDgEMl80jBS1_tqF9XFEw7rBhr6zpH9gtkvwq60XQkHgkdiQaK0gBlhFxwPrdi6XnvOjvi9pmwM81MjNtAKhbE9excINeOyt5lioGvsmPC_Nc3GMiqd4QiDtca41SVQmv373DAvXVcldnjLocKhCz9W3LKl4-J0WEVbBOu77NmxEQtkYmcNt6bWyBFXyfxziUHtriBwRTEmRnyZAqktUGY_QdGDXjk-wvTyRpJ3LFbvDpc8AlbJTP5Szpys1BSnxoF9iWT5gE0YRENaGAK3PqAjihj0xOGW6sIj1rvdlsad7YV4c0fl1yX7muGLuoCNvvZRU5bJJBWrNttQ9d3679dV4zNJadr5WCUZk11bt-8rcwd0yribdtgkjtWOHtQ8INfkytXkw_Hes5NGzNNFA2tlTxhoV-FUunwUVuivKc79JtVR275c05g82yS7YiVlBMLiU01scBpYe8WY9z3CMCO75ycB-nn-8RPIdWe4nbOcJy5pazlRjrcGjweDtJhsPG0L52oMOI2oZWBHkaocmUz0oVG76Wy4xqmqz6COewg5hhQeE8D4iWfZlJgLezTy1WKsTJoTV2nHpkIffpj4G58bAt9KGJZJ0Ww6JZdUPkVyAtrGUXAA1_H6qirRPfZQtNxMf0Xt2KcQE0TRti9Tair4h_7W_4KA9y2WZOrtp369ye35lE2cAf8Qu2Lgxn0MIC-Ni19Ea3_rwt1zOXkjZQGHfmE0TcogoFF225UwuRpxX38Z5i3vtz4ATnlioVI54jZpzrYKRHMaEZcLPHsX2XdrxRMsONB05mAMIwIYDWgJA9EGCqzNxeEdRd1I98zZJ6kHeFyJNtzjZHdVO1pmeDf1ngMliK7jIZJ0TlMOZtjqfjcqvTYKvJvPQ24x-0e8Gyn27Kv7xNF07-3MUF6azPJKD9_mWepaUwhTxYlHlbnYYuiY6CAyatULorh62yrBSCFVXWZUIphrfnj-ezRk693uVdu9Tqzi7pkmIaDf_hDOF4cdAqJEzQgdhMIOrTatFED9e9tYoF7vxsdb9RoVRkgepREj-j1B1-hHuMxcwXLFy5fPILWLv9hXNGUAHgH78E6yzH-GCBR8TpVOjFzBlUDodVWMB10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6066385171022240&plah=kukuo.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://kukuo.tw/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame DDD3 9 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 58638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 21:48:14 GMT
etag: 9219409622527106327
expires: Sun, 28 Jan 2024 21:48:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame C875 9 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kukuo.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 58638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 21:48:14 GMT
etag: 9219409622527106327
expires: Sun, 28 Jan 2024 21:48:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DDD3 4 KB
1 KB 74ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 12:11:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDD3 205 B
651 B 66ms
18ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:30:37 GMT
x-content-type-options: nosniff
age: 261295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 13:30:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DDD3 604 B
696 B 67ms
20ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 257711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DDD3 16 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 22:18:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 22:18:42 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DDD3 22 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 23:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 23:16:40 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E880 624 B
246 B 62ms
61ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQzd_yxgIY9-rn9wEwAQ&v=APEucNVaIBJDBkk7XrXjGXQ_ahqIGzOGXBvgX_dxH-ShGXu_2sA740Q-C99Gt2HkOWzY5pjHGY1VtTupspG2Sj4HT3SjTQ_rrdvMS268VeHbPjc3AspjZ-mEAQnxaG6wXeeBxrlsRK8aBKp8jix8dp8j6c7JEH-kM7mFNXD-2YFPWZUtlpUwEoI

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:32 GMT
expires: Mon, 15 Jan 2024 14:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4CD1 89 KB
31 KB 148ms
147ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4CD1 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 13:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 13:11:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4CD1 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CD1 205 KB
65 KB 76ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CD1 42 B
63 B 52ms
52ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXeseNox1G5pRYAi5PBdPsD8miAyMVEy_lN83jB9JPlK1lvm3jYVczcjYqkHaqs0MKjh21pk-cRfQcQQJEkhXS-yYsLElnFA0OiubvBgvjNkqRMuQ

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B351 14 KB
1 KB 28ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B351 2 KB
822 B 29ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:28:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame B351 23 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:25:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65E1 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 13:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B351 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 13:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 13:11:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame B351 20 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B351 205 KB
65 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:32 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame B351 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E880
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1

43 B
337 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQzd_yxgIY9-rn9wEwAQ&v=APEucNVaIBJDBkk7XrXjGXQ_ahqIGzOGXBvgX_dxH-ShGXu_2sA740Q-C99Gt2HkOWzY5pjHGY1VtTupspG2Sj4HT3SjTQ_rrdvMS268VeHbPjc3AspjZ-mEAQnxaG6wXeeBxrlsRK8aBKp8jix8dp8j6c7JEH-kM7mFNXD-2YFPWZUtlpUwEoI
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwVJLFEu%2FQEfSZCB6DrOp%2BdVDUmKqHX4Fi3dH79oIcyzz9LICtWfEpQdYr89iWx8n5%2FMsAf94wx5Cmr5fPgn1RD2c0D9tMELo7gXvgq3zFJkmDwuokDb2Ow9mir8pKDZYpojVkF5qVlwxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845eac992c540b70-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E880
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaU7rDwAxP1IFpTWUlgvWQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1

43 B
773 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQzd_yxgIY9-rn9wEwAQ&v=APEucNVaIBJDBkk7XrXjGXQ_ahqIGzOGXBvgX_dxH-ShGXu_2sA740Q-C99Gt2HkOWzY5pjHGY1VtTupspG2Sj4HT3SjTQ_rrdvMS268VeHbPjc3AspjZ-mEAQnxaG6wXeeBxrlsRK8aBKp8jix8dp8j6c7JEH-kM7mFNXD-2YFPWZUtlpUwEoI
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecN%2F4uf9Dd%2FJ36WeTiyyDkihjJmF56AycFZ2VvwYpDlWoBTe60YZzOlCrR%2B5YYgTKWZG%2BidpVKCGpuEyR8H6u0MUnYzDI8QCFN9eGfKi3YUq5HW9Z5RXYfbbz%2BxQkiUx6HEUzvsvTfEbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 845eac99a8ae66ca-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqmoajAAqHIv4qQ555p5RE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E880
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENm9pTHVR2UMWyGGV_cTqEU&google_cver=1

43 B
1007 B

18ms
18ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENm9pTHVR2UMWyGGV_cTqEU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvmmQEQzd_yxgIY9-rn9wEwAQ&v=APEucNVaIBJDBkk7XrXjGXQ_ahqIGzOGXBvgX_dxH-ShGXu_2sA740Q-C99Gt2HkOWzY5pjHGY1VtTupspG2Sj4HT3SjTQ_rrdvMS268VeHbPjc3AspjZ-mEAQnxaG6wXeeBxrlsRK8aBKp8jix8dp8j6c7JEH-kM7mFNXD-2YFPWZUtlpUwEoI

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
an-x-request-uuid: 75f73bc3-668c-4027-8478-a75baef5f4eb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENm9pTHVR2UMWyGGV_cTqEU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E880
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Njg2OTQzMjkzODY4MTY5NQ%3D%3D

170 B
243 B

30ms
29ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Njg2OTQzMjkzODY4MTY5NQ%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
an-x-request-uuid: 251f96c0-168c-4b2b-957c-ea2a88871d7d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Njg2OTQzMjkzODY4MTY5NQ%3D%3D
x-proxy-origin: 212.7.210.178; 212.7.210.178; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 65E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:32 GMT
expires: Mon, 15 Jan 2024 14:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 14:05:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RC4SDMXYPC&gtm=45je41a0v894034508&_p=1705327531458&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2008292766.1705327532&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705327531&sct=1&seg=0&dl=https%3A%2F%2Fkukuo.tw%2F&dt=Ku%20Ku%20O%20%E5%AE%98%E6%96%B9%E7%B6%B2%E7%AB%99&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6607
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RC4SDMXYPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kukuo.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kukuo.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CD1 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6647054434079&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CD1 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6647054434079&version=m202309260101&ct=76&x=1&cor=13054847087612367000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4CD1 109 KB
41 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUv7tXTVSbBMuxh_8izLRC64FHaVCjX0pE0h-gPTjAaBIstSNJvO11D-6ASKMiJ6AtdjcqIuJdaF6BvJ1-JpvhScC4UNQCn1lJwQLEfRbwTT5dNrLhwPNdLuCtDnK0dTf_TXjNSTT2P2S6P-ylCjKFo6IbWw2-c55Y0lu11o5EqX1qDiQ&dbm_d=AKAmf-CfH9Ngx-8ySGrB0Kf0vlRlN3ZnmDzG-BPHIkfNOXtHK85W99OoPacE-p4UzTNc5SNEq1AmWLuOFudoUv2pvHiBtf4a7vrVHxE360ZDILpeNxaNbZKAxuxzSsCloexiV21Mag3vkLXLuddVTd01kbHo38boM4wCgfsP5RzHzgZYhexjFZYiu2YtwaaC0mpcSZtQrakdIt_VSv_7nByDK-0168vyDqtTCxWoYHPL5y5fmZAt6TV649iO4zZV4ybnej7BRAmNZa7RVqx6QKLQAZKN49fLmpky2W3QhQdAxET4S9-X_s-mb7M-EDwCHBOga83U4QbW6bRO_OEbMuJUTYZPeURz2wVzfWVu2q6YSPrL6Du5be68sVDUgyZQijnrlHJtfL0eXROhAE7RklTDD7Ml0Je_VVPZ5V0DE8hT22rrjA-POOB-oYsvprQLPif_1cp-lrgA1bwJ472zDQD1Gvyw6sEIvwHIWX0GGmEUzP2bKLBQbH7fMjrlw_sAOimX4N6rzeKkY-8sEJySB8A2t8G6zrm2JEsclEekH06oDX5pmzMzTjSxvRV74DdmOz9UuagJd7gsprKEDu-HsQXbfhnvb1SM31Xv3oIOBpxtYbFZ1BEm-WhF6EAFqPyW65lKc967d7XJSa3ZpmzRn7bsRlxleDiTaOsdui4j8uqpvOGlWWmU7MTVtm8l8kyYIMQT3fPa_cSsrzYkEgushMN6hTWWQGje_Emi3McfuHbHCxJ7WfwiR2rFybDby-dhCC6w2ehqV6x4Y3fZO2JsV2e8tlbbwuVIbPM4aV0xZRYTr0yERibdKVJAa6gK42u9rTKPgxs85dlroQFS20x5na8Qwb6XB21KwpzUXqTnVhTyPZdGmhmsza5_8edE5btEoW15al4wCc1jZ_zc8XVt-88QDLiVasEuSQZJtbUYsynQuhjx9D3Y3eIooTk3WXeyGoWXrcMB3fUrHHFr_R-G6gI4JV1m_NkyV8n5Dxzl-3nlcL14nF2jZbIv4b3l2peWFjSj62pRvjtMP24X6SPlWRa1SSkydsYeRNgtSzcIpE7F5ru4R_IkwTwRBIeU8KEgnLo8XRX9zgs1hu9Dcu8F29hriCtX84WggBxIG8EVtvVqUPtunh_PJUS43F7w2y0wJfM9tvOdBGFBRz4bJIQqV5m00iPNS_ZxRyqBwmLBknZwiVDxF3Tkt9AoVDz6wHu8d5fOy7e6t172XX3G1mN50UGjpMKJAQ76jzr1hC6TiGitvunNwf-GFl0a8ONkPtGFQL_Pfqx430zGrvJndRyKkXYWNZ5Y0r0X9UrG1TjE5-9GceNBzLZj0t6nlKaucZCg2Dh03uXojdkLChOPeiyNSl50LqnpZxCPkYEnrOTwC3QLl-9t044k1LR2B3zSz9hIIENuvDb5whMnHgi8MeOnA9ek-wJ04CQqmExr7yuBqGg1VJ7isttMgjcsJXGNK2UMnhUqeZmrsJEqOQqcN2nQXWWk0D3UvaAP1VtPmRCvV8-YuNPi3HxY0ooyAvCqX_aJpGnVRHGHt1MWL4zwRxbyNRQkKdlf1FTJjUk5MndUJtuhBSsCX2LJ7KCzIE6IDPp0Mp9M0KI4V8N9yxRezoKAedQSM0lYQZ_IrV95FzdG01fm-zYQhl46qT83feSUbqWxrS2lKoygalQDknTxFj61zvig9hA40Z0Z-VhRtMK79kCZSeRG5p4Y4ADiW9WZvOa8pVe-di55tN133CLyGbmQ8CmXU5mlsAYmCxE6Xj06bGDxeGwax_rXFKQHMjhN-qvq55YlsRpAmxCKfgk7T2Ar8BCUB4WThLSPeGW8dmgLuJmcQo_jc2SCT1Xv_XlDaZX2nMPoUqPBPb-kGDi5_BF6d2ImcatYqNYzaDXipQDjm3b5YhsDAxMYTp6FiwSp77BWdHO5IxA1SbgHHnMxDRPJ-N4Wkz1FY8OAn6dArf24NLMU-KWQUniuKLXPlZLEg3lNHHAgjCEk6z8Xl1NdMMyehsU7JUvjG2gTvEusGsGUoL-imxI4u79lHv7E7lhhMe2FY24S4Sf7vv_0YA8rywpId5x1VaWo05BmZT--OCFAXFF71tTSpwGnctnXOcHQ0R2k2pn9pyArTCf-rqOfHbnhANba1bsMEu8n6JjXBL2yA4c9aQ7pvW2D41hfNghmtgEesLFPqDq4RiD9mjyrD3XoXxamHmgvDOsOSDKN9tuHiS3ZjvUHTH7FYE_azu1_wP5NYSoWuRMUX8OI2JxWm1jaJbLIuLKTF1fNhK72gIo3fIL6Vs5Tz1w9YdftfzWsMxK8aHiRmhzemGn_xY8Y2Z0Ak-BBzsfUQB1CI7qmHgA3EjKBXrav2n78KdBuHKFk4MGtgph95iwkvgGHLv0zfuvLA76_Feo_ZisXalloIuE3jr-FfeYnnvR8MfAX4r1kxnZaBkpBl14rbNbkk8XYMxGtillAFbpmL1xOllCat0pk62n-D3t9dd5HSlJt_W76NNWIFgRG4HzF_9A07n-76KKFG7ueRk-Poga4nGDqNts_s1BHVJibxoAJJ3vJJMXPf4zpcq-C-q87lmtGw0-MZP6AypbvIdn9Q5PQvrHC5cexxzCeRPrTa_luHh0bmC6ErTMD_NiYst-3lbYUZ2SUaVknZdLyoswDVaafslCOYfEtGD8EyBouxwI2mHnzmEu0NCUADfKFgHEQ0tJKxQ8RcPQA0wJXTSB89ugNhXNvypfc1h_3lgHen8kk7hvAzEgDHN9nNyXR7627R3Ekb_3LUfLHuB2hBWNxcZxhWI20oVVzDL1v3RAAnFy4AYjLLGkAGAoC1r4jkS9FVr7xG0y5SXK3UqrSDnZzzhQU2LwdwZQiRpeINZ6NpuBUS18c8vk2Wore0HG3-5yhnOVN20y6xky488oBZJy9TXdQVR9NFgvtoqY-_OkgaTdP2PLRqFqFL9fuPk-fxBzVCmi_49HPKm_UV3RJrQ5PNAXSFKUl6ptwnPtmcF6qPEA0A68HyraYo35GBJIpD_r2Q_HUNBm4bWjXgmwLXsGnQ3B7eGlcOeRuRHej1cbRrnAtS8F5U689zcTl1vO2L1q8-C2hOHwu-eO1FRi5UizRwh9TUyXRwGJUs_ccolUSxJwy8Ltoy947_itltUaQh7xMR3EbT5jQKVbVFYRn1r1Zh722wChO0J4VqHDC5E0yGQpS--zvEpbW7YPOGX-SOjcjIJuWknCvpTddNhV26WphvuRFndq0_baC6HOboQSGcM97sg-oGYxDDhQgh6vdAar3atsARXrciANShwcGR_PXSBctCMmVYt0SRoTvcbTHSBc4Msd1T6Au5ve0RgrX0_LbQBWE9g61m8p7RNEM6yQzDe41QZ6oBC96RQL5evXqQuO0alvqBwTXnnky4mNvLovaHg6eBqOZU8g6MqTP3O2CwekLM7hdenjKe4Kh1HzalLbmSYzu2iikCJk0nvrwGLmjNfoMbSSxliYMFOOxtsAu2xyNsQ&cid=CAQSTgAvHhf_SThJsq-fYAgx-ptGxNjd2qL_DPWWvAFi8yfEq8YD6lIoy9tNC2MxDJdq95c7UT7zg9NnjTtJRiSTL9fmsS2iq4M035GZO05kRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkukuo.tw%2F&ds=l&xdt=1&iif=1&cor=13054847087612367000&adk=1726166463&idt=176&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c016f21a79359e41cfe73fc257dfb8a5b5e4bb6306d47945b5a60be976ea5a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame D9D3 50 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 13:04:27 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1376168/74274314/ Frame 4CD1 60 KB
15 KB 127ms
57ms Script
application/javascript 54.155.202.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1376168/74274314/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015253484&ias_pubId=pub-6066385171022240&ias_chanId=1&ias_placementId=20871779973&bidurl=https://kukuo.tw/&ias_dealId=&xsId=ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK
Requested by: Host: kukuo.tw
URL: https://kukuo.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.202.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3dc31a88f834f3ad0af3ecdbd6c9ad3dc1612009d93ffd9ff47261234f495e3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4CD1 111 KB
39 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 4CD1 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BUv7tXTVSbBMuxh_8izLRC64FHaVCjX0pE0h-gPTjAaBIstSNJvO11D-6ASKMiJ6AtdjcqIuJdaF6BvJ1-JpvhScC4UNQCn1lJwQLEfRbwTT5dNrLhwPNdLuCtDnK0dTf_TXjNSTT2P2S6P-ylCjKFo6IbWw2-c55Y0lu11o5EqX1qDiQ&dbm_d=AKAmf-CfH9Ngx-8ySGrB0Kf0vlRlN3ZnmDzG-BPHIkfNOXtHK85W99OoPacE-p4UzTNc5SNEq1AmWLuOFudoUv2pvHiBtf4a7vrVHxE360ZDILpeNxaNbZKAxuxzSsCloexiV21Mag3vkLXLuddVTd01kbHo38boM4wCgfsP5RzHzgZYhexjFZYiu2YtwaaC0mpcSZtQrakdIt_VSv_7nByDK-0168vyDqtTCxWoYHPL5y5fmZAt6TV649iO4zZV4ybnej7BRAmNZa7RVqx6QKLQAZKN49fLmpky2W3QhQdAxET4S9-X_s-mb7M-EDwCHBOga83U4QbW6bRO_OEbMuJUTYZPeURz2wVzfWVu2q6YSPrL6Du5be68sVDUgyZQijnrlHJtfL0eXROhAE7RklTDD7Ml0Je_VVPZ5V0DE8hT22rrjA-POOB-oYsvprQLPif_1cp-lrgA1bwJ472zDQD1Gvyw6sEIvwHIWX0GGmEUzP2bKLBQbH7fMjrlw_sAOimX4N6rzeKkY-8sEJySB8A2t8G6zrm2JEsclEekH06oDX5pmzMzTjSxvRV74DdmOz9UuagJd7gsprKEDu-HsQXbfhnvb1SM31Xv3oIOBpxtYbFZ1BEm-WhF6EAFqPyW65lKc967d7XJSa3ZpmzRn7bsRlxleDiTaOsdui4j8uqpvOGlWWmU7MTVtm8l8kyYIMQT3fPa_cSsrzYkEgushMN6hTWWQGje_Emi3McfuHbHCxJ7WfwiR2rFybDby-dhCC6w2ehqV6x4Y3fZO2JsV2e8tlbbwuVIbPM4aV0xZRYTr0yERibdKVJAa6gK42u9rTKPgxs85dlroQFS20x5na8Qwb6XB21KwpzUXqTnVhTyPZdGmhmsza5_8edE5btEoW15al4wCc1jZ_zc8XVt-88QDLiVasEuSQZJtbUYsynQuhjx9D3Y3eIooTk3WXeyGoWXrcMB3fUrHHFr_R-G6gI4JV1m_NkyV8n5Dxzl-3nlcL14nF2jZbIv4b3l2peWFjSj62pRvjtMP24X6SPlWRa1SSkydsYeRNgtSzcIpE7F5ru4R_IkwTwRBIeU8KEgnLo8XRX9zgs1hu9Dcu8F29hriCtX84WggBxIG8EVtvVqUPtunh_PJUS43F7w2y0wJfM9tvOdBGFBRz4bJIQqV5m00iPNS_ZxRyqBwmLBknZwiVDxF3Tkt9AoVDz6wHu8d5fOy7e6t172XX3G1mN50UGjpMKJAQ76jzr1hC6TiGitvunNwf-GFl0a8ONkPtGFQL_Pfqx430zGrvJndRyKkXYWNZ5Y0r0X9UrG1TjE5-9GceNBzLZj0t6nlKaucZCg2Dh03uXojdkLChOPeiyNSl50LqnpZxCPkYEnrOTwC3QLl-9t044k1LR2B3zSz9hIIENuvDb5whMnHgi8MeOnA9ek-wJ04CQqmExr7yuBqGg1VJ7isttMgjcsJXGNK2UMnhUqeZmrsJEqOQqcN2nQXWWk0D3UvaAP1VtPmRCvV8-YuNPi3HxY0ooyAvCqX_aJpGnVRHGHt1MWL4zwRxbyNRQkKdlf1FTJjUk5MndUJtuhBSsCX2LJ7KCzIE6IDPp0Mp9M0KI4V8N9yxRezoKAedQSM0lYQZ_IrV95FzdG01fm-zYQhl46qT83feSUbqWxrS2lKoygalQDknTxFj61zvig9hA40Z0Z-VhRtMK79kCZSeRG5p4Y4ADiW9WZvOa8pVe-di55tN133CLyGbmQ8CmXU5mlsAYmCxE6Xj06bGDxeGwax_rXFKQHMjhN-qvq55YlsRpAmxCKfgk7T2Ar8BCUB4WThLSPeGW8dmgLuJmcQo_jc2SCT1Xv_XlDaZX2nMPoUqPBPb-kGDi5_BF6d2ImcatYqNYzaDXipQDjm3b5YhsDAxMYTp6FiwSp77BWdHO5IxA1SbgHHnMxDRPJ-N4Wkz1FY8OAn6dArf24NLMU-KWQUniuKLXPlZLEg3lNHHAgjCEk6z8Xl1NdMMyehsU7JUvjG2gTvEusGsGUoL-imxI4u79lHv7E7lhhMe2FY24S4Sf7vv_0YA8rywpId5x1VaWo05BmZT--OCFAXFF71tTSpwGnctnXOcHQ0R2k2pn9pyArTCf-rqOfHbnhANba1bsMEu8n6JjXBL2yA4c9aQ7pvW2D41hfNghmtgEesLFPqDq4RiD9mjyrD3XoXxamHmgvDOsOSDKN9tuHiS3ZjvUHTH7FYE_azu1_wP5NYSoWuRMUX8OI2JxWm1jaJbLIuLKTF1fNhK72gIo3fIL6Vs5Tz1w9YdftfzWsMxK8aHiRmhzemGn_xY8Y2Z0Ak-BBzsfUQB1CI7qmHgA3EjKBXrav2n78KdBuHKFk4MGtgph95iwkvgGHLv0zfuvLA76_Feo_ZisXalloIuE3jr-FfeYnnvR8MfAX4r1kxnZaBkpBl14rbNbkk8XYMxGtillAFbpmL1xOllCat0pk62n-D3t9dd5HSlJt_W76NNWIFgRG4HzF_9A07n-76KKFG7ueRk-Poga4nGDqNts_s1BHVJibxoAJJ3vJJMXPf4zpcq-C-q87lmtGw0-MZP6AypbvIdn9Q5PQvrHC5cexxzCeRPrTa_luHh0bmC6ErTMD_NiYst-3lbYUZ2SUaVknZdLyoswDVaafslCOYfEtGD8EyBouxwI2mHnzmEu0NCUADfKFgHEQ0tJKxQ8RcPQA0wJXTSB89ugNhXNvypfc1h_3lgHen8kk7hvAzEgDHN9nNyXR7627R3Ekb_3LUfLHuB2hBWNxcZxhWI20oVVzDL1v3RAAnFy4AYjLLGkAGAoC1r4jkS9FVr7xG0y5SXK3UqrSDnZzzhQU2LwdwZQiRpeINZ6NpuBUS18c8vk2Wore0HG3-5yhnOVN20y6xky488oBZJy9TXdQVR9NFgvtoqY-_OkgaTdP2PLRqFqFL9fuPk-fxBzVCmi_49HPKm_UV3RJrQ5PNAXSFKUl6ptwnPtmcF6qPEA0A68HyraYo35GBJIpD_r2Q_HUNBm4bWjXgmwLXsGnQ3B7eGlcOeRuRHej1cbRrnAtS8F5U689zcTl1vO2L1q8-C2hOHwu-eO1FRi5UizRwh9TUyXRwGJUs_ccolUSxJwy8Ltoy947_itltUaQh7xMR3EbT5jQKVbVFYRn1r1Zh722wChO0J4VqHDC5E0yGQpS--zvEpbW7YPOGX-SOjcjIJuWknCvpTddNhV26WphvuRFndq0_baC6HOboQSGcM97sg-oGYxDDhQgh6vdAar3atsARXrciANShwcGR_PXSBctCMmVYt0SRoTvcbTHSBc4Msd1T6Au5ve0RgrX0_LbQBWE9g61m8p7RNEM6yQzDe41QZ6oBC96RQL5evXqQuO0alvqBwTXnnky4mNvLovaHg6eBqOZU8g6MqTP3O2CwekLM7hdenjKe4Kh1HzalLbmSYzu2iikCJk0nvrwGLmjNfoMbSSxliYMFOOxtsAu2xyNsQ&cid=CAQSTgAvHhf_SThJsq-fYAgx-ptGxNjd2qL_DPWWvAFi8yfEq8YD6lIoy9tNC2MxDJdq95c7UT7zg9NnjTtJRiSTL9fmsS2iq4M035GZO05kRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkukuo.tw%2F&ds=l&xdt=1&iif=1&cor=13054847087612367000&adk=1726166463&idt=176&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:31:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 4CD1 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 23:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 23:06:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4CD1 41 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237465
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
DATA 200
OK truncated
/ Frame 4CD1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86609ce6958b06e5d7539c67ffb8937dec6dc69058b4814400f3005214c1060d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5325 38 KB
13 KB 31ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 222883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5325 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 11:41:03 GMT

GET
H2

200

firstevent Show response
jpmcbankna.demdex.net/ Frame 4CD1
Redirect Chain

https://jpmcbankna.demdex.net/event?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990
https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990

42 B
727 B

35ms
35ms

Script
image/gif

52.30.50.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

52.30.50.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-50-237.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0f36061c8.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: FAc1bMUCTFI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: lCxHYjalSDY=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/ Frame 882B 81 KB
20 KB 58ms
19ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cace3b76bfdfb8e5cfedf73f97e1c882e267754a9b5e8aec10654adcc49b9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 259428
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20668
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 14:01:45 GMT
expires: Sat, 11 Jan 2025 14:01:45 GMT
last-modified: Fri, 17 Feb 2023 17:23:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4CD1 0
0 134ms
64ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTbms1e4w0ZPSyeJfrW09jmNTWNM0JbJzGj20DojAp4m7ME37-NdLd6YyztWZaOSJK7Yry-rtJKlZYrqeKOLJyJ1kqtHV7lUqtvrrEA6ZTLKOL3gPiAcrxZBF8KzEGpfeRVSNcGXlMlVEa2--EgQL0qV_SLi6oCrvtEKVFcs_zoQ3ATZQcFP8asShnCRkoifAeILWp6A3kvQS8qELt4SV9Pvmzbagiw-rJM9yDj0HA-exUTUrYmVbo0QTLwBnegKxL5jCTLbLN6Qc6EZKjr3YTB-yFMhVuaHH17nNeiQpHaLQYhEH_mUhvPkSZetX42CMID7OpEwalLyG6zmhgOpOvl4iplGAGUNTDjw7_6SJ5Uv4xbX3YHRkkGgCTCKA-dOPcGlBBjUOnTHScGUBXr49Yj1SrsMpJDiypLFKKKtLTZ9vonHr7GtAoVImmrPDFfG_9FieveSz-RhNJqPkjBZnfY1lQs7HI-0L77dHnV3tEE-VEGU0lH184Kql8Jye0UiOpIBk8JkIMA4BnhiI7G17tf2LbcDZ5I0aYgMi7wnk-La5Yzur8J0udzR0A-yCPzDCebvkVHGMKwW47Jloj8CdlsLo8DtsR67AcamxIfxjIpLuJYlSGaN1Jofr8Av4NAqJnOkAHThNu71oC3sLNGrmTqu29NYPu5phSkXiroY5YyTy4C164w_4kz-Q8CdFyZ--Iv4MR_cijXJ_hMDErlIY9-u-XHRt7E_xWSBnFZmACEh2Y4oSc75iUzsXcOAWjiFq8txEsdoUabJLc4hGtni3JSNhWF46cp0p10pIFcEgKYmp5gt4nsdXWtqvVmaGQBVuZp92tk1bUjc6oT_VZTmJMStiKxRgPFT585xD29d3cRGp4RuiupxIuWk-Je8Fs6baS176AgciflwQCM3j-BF-_qNnaqAmqZJxts0-Bdl9nkUeN_AAYI9sL89Eqd5UKZrcUf9OQ2fiEHo5Jgc_wumKZj0uHFOmfbKk1F1Tq8aS1PBL06c_1gM5kUs0IUqAAWQ2ITW6sIyT0t3JeBTNi7Gjfcu_WoRupx00o5KBSXqnPqjv7cF8ETtro-KM-TpuF2X75CT4nUoD2JTHPtH6fvR7bTO6_a8oBb_KXtU97Kv8miPEy1wGWQzKwsPHUzuLtHHAuJq2kBZGjjq9FCO6z8gvlMHvv1o8uQ9MqUUu7uu1WQUVqO2lB9esciRBk5mNA_W9lJVmGnrJDoM5vj0knyAi-1WUUKnIy_4xxuA&sai=AMfl-YTnMS-R8q8pDYXuxy6rkVBMX73C9LL6EEyXYw7BNVCr49cvghW4ttfSJIOWlp82hvaH7T_oY2gPZCdjjNQ7ZWGhWVduIi05MXbfKlqRy-I2a8UeQXLdQk5SlAIXf1PqvIicMedhRPGKgr80MWRfY2pNNE238f4SclDXtznNfj00Kig964BGWUzNcI9b8463m28kRnOSJ_bXyXsP_H8Dzj5HCkw-Ulty6xi7jO6JiI3iPvXuIJ7moHeYh9oTBaLIsD_js1hYmlhzZkQJIyd3MDnnzZXz4fjKjH8VEw&sig=Cg0ArKJSzHhkUnRFj5sZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=91&cisv=r20240109.94746&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 main.19.8.473.js Show response
static.adsafeprotected.com/ Frame 4CD1 214 KB
66 KB 91ms
29ms Script
application/javascript 2600:9000:26da:e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.473.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1376168/74274314/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015253484&ias_pubId=pub-6066385171022240&ias_chanId=1&ias_placementId=20871779973&bidurl=https://kukuo.tw/&ias_dealId=&xsId=ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h2lJkJ8IIZS8Zlx_XWKYeK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:05:29 GMT
x-amz-version-id: TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding: gzip
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 248405
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Jan 2024 21:47:36 GMT
server: AmazonS3
etag: W/"38edfb290172e1aef8532f19eb4cbbe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: rNwo_kwvZCGJjxE7Kj3cssGDD2rKyxGo9Mej0WtcLuwUo98wUeAOWw==

GET
H3 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 882B 139 KB
48 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Jan 2024 14:19:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5325 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhcQ5rTulZd6GAbKs9u8PhMur4A8AAAAAOAHgBAI&bg=!trWltfrNAAaumcC-jpk7ADQBe5WfOJcui-12BCzYc9lnH6MuF8B7_TkjM8WEQ_j_CyOzyUaZC_NNtbPwa_7bfHDdB8llAgAAADBSAAAAAWgBB5kC_fmBIWfs7vZKjio9xpmXpT7KBD58pxUrbN_EqIV98hi_pRmCyVQU77QtEO0-VMS5oQR98WSzms7QzXxUMFoM3YbSq2HVlghRzVVFdubb_J8C1AznbPnkvwRo9lJbdcNxaJ12KvAFn-4kBodXHjMxkazL3Dz9LohvYSzzO0ACyT-u6TGoxOzS_4Pge1SkyLg1zqlplnHYOiPbd1_4mk4UGfHtv6YrS8jmZVyusavuw0F-QRxcdCmQUQvEFOgZ8Hep9CdsRTW_6r8Lb5cXSmptT_zKYA_zdLMPCuoO_WMsqsoup3purRw-9kWLR37HX_rUfPXOOkFJIJ7cq0yro3508qnOQyNrs_fR2uDpQAnAiKIhBOewNV-xawSfq0MJ7J_bqziO6H0_rihewYTLIMUXwJXJFgxJ7PN2gPk8pysKotS0rjSQKd0iRCUpPsyiCIMZfiiG-2xzx9WQ-L4287NWUbzLGODAn-pBu_8rXx3Z-kSF23DK5-sqfUgfwDWRAVqPCUNTqmX9Y3pd4dhy0EZCsV21z2BzdWn3XXS4Ww5FrIOBl3GEPWe8-JVi2IusVdaYd4Gid_YOnbRlRiosAYzJgriStcgoFnyPzIHaPKvrWtndlE6MkEf3MDhTDVVgcuwlMh0qJvPp4l-MykYgPpN1rZax9hbp_NXmA2BnyIk9_LsHZeBVCJmwS82fs7sG8WAmCVXmB-4Mn5WaWzX_5KBnseCtBYTGfFjlekBjYc4qVlMza6GP2KqY-kRkgBou3ztaH6wb66bQNtnGqWFwnqcl5_fQ777E8vrrCCzETQlLqk-3oF40yG56_bZ48loQOYMAbFYZ6FCCIn3f1VwLSHqI4_a6TJ4LqF_7BfCVsj8PllQWFe-A7l9fD5C_eWKZM79LOXzrLJbAWFthctH3-XFe8jtFJdAB6EkGsRp3IJbAKo578YIqJSsgqjbk6XT2hsbzt3rdpWeeCN5su-1yee10n-dbKjPG6xBW9Svl8dW6MATGMdYqmHbTwuCwddixwA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 RecifeDisplay-Regular.woff2
s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/ Frame 882B 10 KB
10 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/RecifeDisplay-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eaece3ed36cb37ab5772ef6ee17f6250696b97e0d2fe3da781e1ac7baf658ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:54:19 GMT
date: Tue, 09 Jan 2024 08:54:19 GMT
x-content-type-options: nosniff
age: 537074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10652
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 17:23:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Amplitude-Light.woff2
s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/ Frame 882B 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/Amplitude-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1164695e5252ac0b10152cc8a2dcc4ddcaf5b6d817a50b73df071ae53b69469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:54:19 GMT
date: Tue, 09 Jan 2024 08:54:19 GMT
x-content-type-options: nosniff
age: 537074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15324
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 17:23:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Amplitude-Medium.woff2
s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/ Frame 882B 16 KB
16 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/Amplitude-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db005de79ce2fc38e54b128b0b4735609d40ed7c3ce00ec8ff4b27419f012d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13483266999909880641/JPM-WM_EMEA_NL_EN_2021_PB_NA_WorldsBestVID_728x90_BAN_V1ANIM/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sun, 12 Jan 2025 13:08:10 GMT
date: Sat, 13 Jan 2024 13:08:10 GMT
x-content-type-options: nosniff
age: 176243
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16108
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 17:23:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4CD1 0
0 57ms
57ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTbms1e4w0ZPSyeJfrW09jmNTWNM0JbJzGj20DojAp4m7ME37-NdLd6YyztWZaOSJK7Yry-rtJKlZYrqeKOLJyJ1kqtHV7lUqtvrrEA6ZTLKOL3gPiAcrxZBF8KzEGpfeRVSNcGXlMlVEa2--EgQL0qV_SLi6oCrvtEKVFcs_zoQ3ATZQcFP8asShnCRkoifAeILWp6A3kvQS8qELt4SV9Pvmzbagiw-rJM9yDj0HA-exUTUrYmVbo0QTLwBnegKxL5jCTLbLN6Qc6EZKjr3YTB-yFMhVuaHH17nNeiQpHaLQYhEH_mUhvPkSZetX42CMID7OpEwalLyG6zmhgOpOvl4iplGAGUNTDjw7_6SJ5Uv4xbX3YHRkkGgCTCKA-dOPcGlBBjUOnTHScGUBXr49Yj1SrsMpJDiypLFKKKtLTZ9vonHr7GtAoVImmrPDFfG_9FieveSz-RhNJqPkjBZnfY1lQs7HI-0L77dHnV3tEE-VEGU0lH184Kql8Jye0UiOpIBk8JkIMA4BnhiI7G17tf2LbcDZ5I0aYgMi7wnk-La5Yzur8J0udzR0A-yCPzDCebvkVHGMKwW47Jloj8CdlsLo8DtsR67AcamxIfxjIpLuJYlSGaN1Jofr8Av4NAqJnOkAHThNu71oC3sLNGrmTqu29NYPu5phSkXiroY5YyTy4C164w_4kz-Q8CdFyZ--Iv4MR_cijXJ_hMDErlIY9-u-XHRt7E_xWSBnFZmACEh2Y4oSc75iUzsXcOAWjiFq8txEsdoUabJLc4hGtni3JSNhWF46cp0p10pIFcEgKYmp5gt4nsdXWtqvVmaGQBVuZp92tk1bUjc6oT_VZTmJMStiKxRgPFT585xD29d3cRGp4RuiupxIuWk-Je8Fs6baS176AgciflwQCM3j-BF-_qNnaqAmqZJxts0-Bdl9nkUeN_AAYI9sL89Eqd5UKZrcUf9OQ2fiEHo5Jgc_wumKZj0uHFOmfbKk1F1Tq8aS1PBL06c_1gM5kUs0IUqAAWQ2ITW6sIyT0t3JeBTNi7Gjfcu_WoRupx00o5KBSXqnPqjv7cF8ETtro-KM-TpuF2X75CT4nUoD2JTHPtH6fvR7bTO6_a8oBb_KXtU97Kv8miPEy1wGWQzKwsPHUzuLtHHAuJq2kBZGjjq9FCO6z8gvlMHvv1o8uQ9MqUUu7uu1WQUVqO2lB9esciRBk5mNA_W9lJVmGnrJDoM5vj0knyAi-1WUUKnIy_4xxuA&sai=AMfl-YTnMS-R8q8pDYXuxy6rkVBMX73C9LL6EEyXYw7BNVCr49cvghW4ttfSJIOWlp82hvaH7T_oY2gPZCdjjNQ7ZWGhWVduIi05MXbfKlqRy-I2a8UeQXLdQk5SlAIXf1PqvIicMedhRPGKgr80MWRfY2pNNE238f4SclDXtznNfj00Kig964BGWUzNcI9b8463m28kRnOSJ_bXyXsP_H8Dzj5HCkw-Ulty6xi7jO6JiI3iPvXuIJ7moHeYh9oTBaLIsD_js1hYmlhzZkQJIyd3MDnnzZXz4fjKjH8VEw&sig=Cg0ArKJSzHhkUnRFj5sZEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=230&vt=11&dtpt=138&dett=3&cstd=91&cisv=r20240109.94746&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kukuo.tw
URL: https://kukuo.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 4CD1
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1376168/74274314/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015253484&ias_pubId=pub-6066385171022240&ias_chanId=1&ias_placementId=20871779973&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
466 B

25ms
25ms

Script
application/javascript

2600:9000:26da:e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Protocol: H2
Server: 2600:9000:26da:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:47:57 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 21712657
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: zvAa4MaVAuUmCmhyuu090m3MYyKAmRCkFwKdRYDmIg1agNR5CZhEbA==

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame F2C8 91 KB
92 KB 28ms
27ms Script
application/javascript 2600:9000:26da:e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 14750523
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 75sbSqggAQ0pgY0NF6uU_F1ZajVY1TRM2YANQ-whdDB_AKD_e-4uRA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4CD1 43 B
215 B 576ms
201ms Image
image/gif 2600:1f13:800:7782:9ae9:c110:4e8b:64b1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1376168&asId=b1eb72eb-d006-6366-4c93-cd2522c852cb&tv=%7Bc:1nxkO0,pingTime:-3,time:152,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:140%7D,%7Bpiv:83,vs:i,t:152%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:152,o:0,n:152,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:83,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~75%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1rmxrK+11%7C12%7C13%7C14%7C1511%7C1512%7C161*.1376168-74274314%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:141%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9ae9:c110:4e8b:64b1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4CD1 43 B
216 B 557ms
184ms Image
image/gif 2600:1f13:800:7782:9ae9:c110:4e8b:64b1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1376168&asId=b1eb72eb-d006-6366-4c93-cd2522c852cb&tv=%7Bc:1nxkO1,pingTime:-6,time:153,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:153,o:0,n:152,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:83,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~75%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1rmxrK+11%7C12%7C13%7C14%7C1511%7C1512%7C161*.1376168-74274314%7C1611%7C1612%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:141%7D&tpiLookup=ao:kukuo.tw*%2Cgoogleads.g.doubleclick.net*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9ae9:c110:4e8b:64b1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4CD1 43 B
215 B 555ms
186ms Image
image/gif 2600:1f13:800:7782:9ae9:c110:4e8b:64b1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1376168&asId=b1eb72eb-d006-6366-4c93-cd2522c852cb&tv=%7Bc:1nxkO6,pingTime:-2,time:158,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:405,beZ:406,mfA:537,cmA:538,inA:538,inZ:540,prA:540,prZ:543,si:546,poA:546,poZ:555,cmZ:555,mfZ:555,loA:558,loZ:559,ltA:563,ltZ:563,mdA:407,mdZ:527%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:140%7D,%7Bpiv:83,vs:i,t:152%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:158,o:0,n:152,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:140,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B18~1%5D,as:%5B18~728.90%5D%7D%7D,%7Bsl:i,t:152,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:83,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6~75%5D,as:%5B6~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1rmxrK+11%7C12%7C13%7C14%7C1511%7C1512%7C161*.1376168-74274314%7C1611%7C1612%7C1613,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:141,sinceFw:16,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9ae9:c110:4e8b:64b1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 5023 9 KB
4 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6066385171022240&output=html&h=600&slotname=5905498375&adk=3868324476&adf=3137160835&pi=t.ma~as.5905498375&w=200&fwrn=4&fwrnh=100&lmt=1705327531&rafmt=1&format=200x600&url=https%3A%2F%2Fkukuo.tw%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705327531474&bpp=2&bdt=4204&idt=357&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3286711463539&frm=20&pv=1&ga_vid=2008292766.1705327532&ga_sid=1705327532&ga_hid=1547923843&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080260%2C31080264%2C31080266%2C44795922%2C95320869%2C95320891%2C95321627%2C95322163&oid=2&pvsid=853625137885368&tmod=146938356&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H3 200 9e7d3f247d8b0aa5115615da07ecb571.js Show response
www.gstatic.com/mysidia/ Frame 5023 42 KB
16 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16673
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:36:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 5023 2 KB
822 B 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:28:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:28:23 GMT

GET
H3 200 e9e356ec41155b008235c83648cb19be.js Show response
www.gstatic.com/mysidia/ Frame 5023 23 KB
10 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9775
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 18:13:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 5023 23 KB
9 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:25:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 5023 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 13:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 13:11:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 5023 20 KB
8 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5023 205 KB
65 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:05:33 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 5023 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/ Frame 77F3 17 KB
4 KB 31ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccab7efe5c92b7912bdf73b378fc273e10d2b3f217e7f1f804160d264604893

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5706
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4014
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 12:30:27 GMT
expires: Tue, 14 Jan 2025 12:30:27 GMT
last-modified: Wed, 21 Dec 2022 15:46:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5023 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0552755fdce060f9360b7cd7aa46f152c37c4e39240863d26c42e0f42498dfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5023
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClN6LrDulZYM4iaOJ3g-8irtI-47Xw2_3qaGghxHa2R4QASDs5ucrYJEEoAGnzKPCKMgBCakCSoEp5l9csj6oAwHIA0iqBMIBT9BS3O50zqMu94i31GnucNIT-IL3QwXozVFEZtse2jIJeGR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213367212770033821210%22,%22debug_reporting%22:true,%22destination%22:%22https://hobat.nl%22,%22event_report_window%22:%222...

0
0

94ms
54ms

Fetch
text/css

142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213367212770033821210%22,%22debug_reporting%22:true,%22destination%22:%22https://hobat.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210876413479%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217183259285452985393%22}&andc=true

Requested by

Protocol

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13367212770033821210","debug_reporting":true,"destination":"https://hobat.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10876413479"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"17183259285452985393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Jan 2024 14:05:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 14:05:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13367212770033821210","debug_reporting":true,"destination":"https://hobat.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10876413479"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"17183259285452985393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 77F3 6 KB
3 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:29:51 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 77F3 34 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:29:50 GMT

GET
H3 200 821265ae8e98c7fb652a17b3ccb69001.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/ Frame 77F3 98 KB
28 KB 37ms
36ms Script
application/x-javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/821265ae8e98c7fb652a17b3ccb69001.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb713d0f2bfa63bc9392e49f1b908e46f546ae683385b9da6f2b19a808ec99d5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 12:30:27 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 12:30:27 GMT
age: 5706
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28874
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:46:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 galanogrotesquealt_bold_400_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/fonts/ Frame 77F3 97 KB
42 KB 32ms
32ms Font
font/ttf 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/fonts/galanogrotesquealt_bold_400_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/821265ae8e98c7fb652a17b3ccb69001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d689eb81cdf1b2878dc0103097f9fbb4c569c42513076c15fe7e6c2039320506

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
Origin: https://tpc.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 12:30:28 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 12:30:28 GMT
age: 5705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43170
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:46:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c7e34447e4fb2a2543213368146e2d57.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/media/ Frame 77F3 13 KB
13 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/media/c7e34447e4fb2a2543213368146e2d57.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f427f2b37831f78805c9694e329997a990736d660d18bfe0fee21ba2bd27651f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 12:30:28 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 15 Jan 2024 12:30:28 GMT
x-content-type-options: nosniff
age: 5705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13238
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:46:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c1bc1a700f6cd80bd7c08751389c8d6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/media/ Frame 77F3 3 KB
3 KB 52ms
52ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/media/9c1bc1a700f6cd80bd7c08751389c8d6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c54c948a54ccb0d2c1640dfd6d1f42c3bbed85581a89d663745a481559d1bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13695824434448697579/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 12:30:28 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 15 Jan 2024 12:30:28 GMT
x-content-type-options: nosniff
age: 5705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2880
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 15:46:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 186ms
54ms Preflight
text/html 142.250.186.66

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Jan 2024 14:05:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BEB 50 KB
19 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 13:04:27 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 77F3 50 KB
19 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 13:04:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4CD1 43 B
215 B 237ms
185ms Image
image/gif 2600:1f13:800:7782:9ae9:c110:4e8b:64b1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1376168&asId=b1eb72eb-d006-6366-4c93-cd2522c852cb&tv=%7Bc:1nxkTc,pingTime:-10,time:474,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705327533686%7C%7C345d667b3c2c931cf392993dd423440f%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C903f81870a6c288975e6c64fba32c2c6%7C%7C2760d7536fc47e82d19622f25fb663a4%7C%7C5695e7589b2e4f6c5dbbf3e74cc958ad%7C%7Cac5a8b17f42db9ca25889e3235bd3893%7C%7C8ba52343a049333dbfc4470da8f59368%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:9ae9:c110:4e8b:64b1 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 14:05:33 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST matomo.php
matomo.kukuo.tw/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: matomo.kukuo.tw
URL: https://matomo.kukuo.tw/matomo.php?action_name=Ku%20Ku%20O%20%E5%AE%98%E6%96%B9%E7%B6%B2%E7%AB%99&idsite=1&rec=1&r=431336&h=15&m=5&s=33&url=https%3A%2F%2Fkukuo.tw%2F&_id=e83b65cb65ffa601&_idn=1&send_image=0&_refts=0&pv_id=3wKUj9&pf_net=35&pf_srv=792&pf_tfr=1&pf_dm1=2377&pf_dm2=489&pf_onl=0&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kukuo.tw/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6v2237eo3rijbmhsgmame4eojt
.kukuo.tw/	1970-01-21 03:18:07	Name: _ga Value: GA1.1.2008292766.1705327532
.doubleclick.net/	1970-01-21 03:03:43	Name: IDE Value: AHWqTUm1bPxtGGn6XHUcHECXE6zDcErQAgvovYFAP89HnUJxE-0mmiknO1Ev4iuT
.kukuo.tw/	1970-01-21 03:03:43	Name: __gads Value: ID=674fc5b2708a5b9f:T=1705327531:RT=1705327531:S=ALNI_MZG2rdE3AQDqBnQocCNFg3SYGmZ8Q
.kukuo.tw/	1970-01-21 03:03:43	Name: __gpi Value: UID=00000d41c1772151:T=1705327531:RT=1705327531:S=ALNI_MZ9umUe4LYrRkbYeZ4NlGPyYI4ZLQ
.adnxs.com/	1970-01-20 19:51:43	Name: uuid2 Value: 4556869432938681695
.casalemedia.com/	1970-01-21 02:27:43	Name: CMID Value: ZaU7rDwAxP1IFpTWUlgvWQAA
.casalemedia.com/	1970-01-20 19:51:43	Name: CMPS Value: 1207
.casalemedia.com/	1970-01-20 19:51:43	Name: CMPRO Value: 1207
.doubleclick.net/	1970-01-20 17:42:11	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-21 03:18:07	Name: XANDR_PANID Value: ClwyOTsJcasjqUqrqouIryaQaphpG2fc8s1o4oxfs0HBNLE5RZC60ugaLM8Yr_eyifFCmdNmtXrpmP9AsI8ASBPnStHQ7t177Y1QnX3jh0w.
.adnxs.com/	1970-01-20 19:51:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?`m=(vf!]tbPl1M>e)ZlrFUfJ+tGXxoL^'=sX:u*oQ[/Lu[b9i^0Id+rB[8.po?vE9K3If)y3KL9D3I?+gN2:8L
.doubleclick.net/	1970-01-20 22:01:19	Name: APC Value: AfxxVi7_XuO_3W4Ji2-G79MGWptFEIOJduBeZy94NRAwHoCt5-WSyg
.demdex.net/	1970-01-20 22:01:19	Name: demdex Value: 14438217909975963904569430661341204097
.jpmcbankna.demdex.net/	1970-01-20 22:01:19	Name: jpmcbankna Value: 14438217909975963904569430661341204097
.doubleclick.net/	1970-01-20 17:42:08	Name: test_cookie Value: CheckForPermission
.kukuo.tw/	1970-01-21 03:18:07	Name: _ga_RC4SDMXYPC Value: GS1.1.1705327531.1.0.1705327533.58.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1 Message: Refused to execute script from 'https://jpmcbankna.demdex.net/firstevent?d_event=imp&d_src=441384&d_site=8504253&d_creative=187538610&d_placement=375677693&d_campaign=29443218&d_bust=4176866990' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
jpmcbankna.demdex.net
kukuo.tw
matomo.kukuo.tw
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.cloudflare.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
matomo.kukuo.tw
142.250.185.130
142.250.186.130
142.250.186.66
172.64.151.101
185.89.210.141
2001:4860:4802:32::36
2600:1f13:800:7782:9ae9:c110:4e8b:64b1
2600:9000:26da:e00:8:48e:53c0:93a1
2606:4700::6810:3865
2606:4700::6810:7b60
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9b
2a03:2880:f083:100:face:b00c:0:3
2a06:98c1:3120::3
52.30.50.237
54.155.202.187
00ec1d32956af82b6bd7db7ef54371f451dfc4efbe838a6f03683c8950864f95
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0431aa6b194d9981f42f678546c3144e36b6ea28ad73ccc311e13fd5c87ea527
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0acbf99dd9d85076aad9985fb3be040864feec88c232e0d71219badcff61c457
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10c54c948a54ccb0d2c1640dfd6d1f42c3bbed85581a89d663745a481559d1bc
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19fecbcd15a3b642a1e2525c8ea48662f83c4c18fc6b8db72ab255840df24d50
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bc1c7a65fe3e2abda0e804b42f54895a060080221bbb8664fd18b323fd5df52
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b0227f45e3406a274fce5f61ea736b3a1ddadae264d51bfc97d8a1c7d775747
3dc31a88f834f3ad0af3ecdbd6c9ad3dc1612009d93ffd9ff47261234f495e3a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cace3b76bfdfb8e5cfedf73f97e1c882e267754a9b5e8aec10654adcc49b9ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53dee09053cf1209b22dc12b61e64e80df42ecf88f5393c9124b852df52f7987
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e90f0ffa457ebf33ce6285e7ab08f9bfe26fda4e8a6fcc4567cacd2bd0401
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
669add1825f3f007e1687e0f750cd68eb5eeaae544c6572fd75df7815f2c74a2
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f7e921b3104dd273972df43ea6e6fe15f750d7485ee2f33aa7a8cb2b3bb840f
6fd313986aa66c451b23bd1e6360904d830074807c078abce882d3c2b14ee0a8
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
74fcda6164823d4e17663bf4d3dbe155a12cf28138fb2965013fe78878c4e05b
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7eaece3ed36cb37ab5772ef6ee17f6250696b97e0d2fe3da781e1ac7baf658ad
8352d908f5aeb35f901dbd0a9ff03a4bdd7b40d4de2c4b1ce08d48905cdf31ed
86609ce6958b06e5d7539c67ffb8937dec6dc69058b4814400f3005214c1060d
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
985643349b741390b4b2204caa1384aff3d270366f07abccfe5d523e569ee653
98a99458ec6d87c9846b8fa8e5a78893f269ff0b9acfcddf1f34f7903c3d4f67
995f056750ad0a9b363140d531b07d2b96f78e0d5391083e4c6f884606a886ab
9cf687d536a445f33008c81b8a4a0f45316695b845d549e46edd32e3998d6984
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62253dcae8ba70c193adf071b5e2519813816a8176d6079f8291905cdf598b4
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be15d6f130896844583f9c6e335eac4034c169fad300169df4fdacf4cff57798
c016f21a79359e41cfe73fc257dfb8a5b5e4bb6306d47945b5a60be976ea5a70
c30bf523b9704198fa4901e63a56639c64ae3681cb86e75dacf5a9dcaaaf5de4
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
cc2132b3b78cb5d94db249604f4796826a7196afa1aec9e9edf06dd68b0ce1dd
cc3224960c201d71ee7c96e58670188df30dd61e93c33bab4bd21ef2e19c6092
cccab7efe5c92b7912bdf73b378fc273e10d2b3f217e7f1f804160d264604893
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1bfd44b8bb88ebb8a37a7777ce5e4e8f5b9f09f3fa0aea00edc24e0c4907536
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d689eb81cdf1b2878dc0103097f9fbb4c569c42513076c15fe7e6c2039320506
db005de79ce2fc38e54b128b0b4735609d40ed7c3ce00ec8ff4b27419f012d4e
e084965368a4d0b4e7b7de39442e94ee4ed8ac47a28e0089d6763644d22cec6d
e1164695e5252ac0b10152cc8a2dcc4ddcaf5b6d817a50b73df071ae53b69469
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0552755fdce060f9360b7cd7aa46f152c37c4e39240863d26c42e0f42498dfc
f427f2b37831f78805c9694e329997a990736d660d18bfe0fee21ba2bd27651f
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
fb713d0f2bfa63bc9392e49f1b908e46f546ae683385b9da6f2b19a808ec99d5
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

kukuo.tw Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

93 %HTTPS

72 %IPv6

18 Domains

26 Subdomains

26 IPs

4 Countries

5210 kBTransfer

8050 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kukuo.tw Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

93 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

26
IPs

4
Countries

5210 kB
Transfer

8050 kB
Size

17
Cookies

116 HTTP transactions
2 data transactions