www.todawa52.asia Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://todawa9.asia/
Effective URL:
https://www.todawa52.asia/home.php
Submission Tags: phishingrod
Submission: On December 17 via api (December 17th 2023, 3:40:36 pm UTC) from DE — Scanned from DE

Summary HTTP 90 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 16 domains to perform 90 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.todawa52.asia.
TLS certificate: Issued by GTS CA 1P5 on November 26th 2023. Valid for: 3 months.

This is the only time www.todawa52.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:8e6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	211.226.25.200 211.226.25.200	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
13	202.97.174.25 202.97.174.25	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	101.235.211.24 101.235.211.24	9569 (HCNSEOCHO...) (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO.)
1 2	88.221.124.15 88.221.124.15	16625 (AKAMAI-AS) (AKAMAI-AS)
2	99.86.4.64 99.86.4.64	16509 (AMAZON-02) (AMAZON-02)
4	104.18.21.168 104.18.21.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.202.57 2.16.202.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223e:4e00:1c:70ca:66c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:214... 2600:9000:214f:3e00:18:c55a:9580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	220.117.190.132 220.117.190.132	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
90	25

1 2606:4700:3035::ac43:8e6f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

todawa9.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.todawa52.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 211.226.25.200 (Yongin-si, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

ad.abchub.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.aceplanet.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 202.97.174.25 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

i.keezip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 101.235.211.24 (Seoul, Korea, Republic Of)

ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR)

js.ad4989.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.124.15 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-124-15.deploy.static.akamaitechnologies.com

ads-partners.coupang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-64.fra6.r.cloudfront.net

partners.coupangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.21.168 (None, )

ASN13335 (CLOUDFLARENET, US)

logs-partners.coupang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.202.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-57.deploy.static.akamaitechnologies.com

static.coupangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:4e00:1c:70ca:66c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img1a.coupangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:3e00:18:c55a:9580:93a1 (United States)

ASN16509 (AMAZON-02, US)

t3c.coupangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.117.190.132 (Seoul, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

engine.tend-table.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	todawa52.asia 1 redirects www.todawa52.asia	36 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	88 KB
13	googlesyndication.com 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	61 KB
13	keezip.com i.keezip.com	969 KB
7	coupangcdn.com partners.coupangcdn.com — Cisco Umbrella Rank: 212110 static.coupangcdn.com — Cisco Umbrella Rank: 168796 img1a.coupangcdn.com — Cisco Umbrella Rank: 180816 t3c.coupangcdn.com — Cisco Umbrella Rank: 398319	104 KB
6	coupang.com 1 redirects ads-partners.coupang.com — Cisco Umbrella Rank: 128005 logs-partners.coupang.com — Cisco Umbrella Rank: 180304	7 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	178 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971	52 KB
3	ad4989.co.kr js.ad4989.co.kr — Cisco Umbrella Rank: 142428	18 KB
2	aceplanet.co.kr ad.aceplanet.co.kr — Cisco Umbrella Rank: 282241	4 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	135 KB
2	abchub.site ad.abchub.site	7 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	tend-table.com engine.tend-table.com — Cisco Umbrella Rank: 135947	669 B
1	todawa9.asia 1 redirects todawa9.asia	428 B
90	16

	Domain	Requested by
17	www.todawa52.asia	1 redirects www.todawa52.asia
13	i.keezip.com	www.todawa52.asia
7	static.criteo.net	ads.eu.criteo.com
6	imageproxy.eu.criteo.net	ads.eu.criteo.com
6	tpc.googlesyndication.com	9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	ad.aceplanet.co.kr securepubads.g.doubleclick.net 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
4	logs-partners.coupang.com	partners.coupangcdn.com
3	t3c.coupangcdn.com	www.todawa52.asia
3	js.ad4989.co.kr	ad.abchub.site www.todawa52.asia engine.tend-table.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	partners.coupangcdn.com	www.todawa52.asia ads-partners.coupang.com
2	ads-partners.coupang.com	1 redirects ads-partners.coupang.com
2	ad.aceplanet.co.kr	ad.abchub.site
2	code.jquery.com	ad.abchub.site
2	ad.abchub.site	www.todawa52.asia
1	www.google.com	tpc.googlesyndication.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.fr3.eu.criteo.com	9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
1	www.googletagservices.com	9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
1	ads.eu.criteo.com	9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
1	engine.tend-table.com	js.ad4989.co.kr
1	img1a.coupangcdn.com	www.todawa52.asia
1	static.coupangcdn.com	www.todawa52.asia
1	todawa9.asia	1 redirects
90	26

This site contains links to these domains. Also see Links.

Domain
www.xn--2j1b408atji.net
www.uuoobe.kr
wekoreatv.vip
www.tfreeca22.top
sekder.net
1bet1.vip
wn-st.com
ww-ot.com
drugpharm.blog
nulpurn.com
filecast.co.kr
herbmming1.com
koko-2011.com
0303.spzhspzh.co
nulppurun.com

Subject Issuer	Validity	Valid
todawa52.asia GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
ad.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2023-11-29` - `2024-06-28`	7 months	crt.sh
i.keezip.com TrustAsia RSA DV TLS CA G2	`2023-10-12` - `2024-10-11`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.ad4989.co.kr Sectigo RSA Domain Validation Secure Server CA	`2023-01-17` - `2024-01-31`	a year	crt.sh
*.coupang.com Sectigo RSA Organization Validation Secure Server CA	`2023-02-16` - `2024-03-04`	a year	crt.sh
*.coupangcdn.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.todawa52.asia/home.php
Frame ID: 1ACEFCEFE49D793B3BE120C3EBF0E45B
Requests: 45 HTTP requests in this frame

Frame: https://ads-partners.coupang.com/widgets.html?id=733320&template=carousel&trackingCode=AF1258410&subId=acecooppy320&width=320&height=480&tsource=&rUrl=&tag=js&resolution=1600x1200&serverBaseUrl=https%3A%2F%2Fads-partners.coupang.com%2F&logServerBaseUrl=https%3A%2F%2Flogs-partners.coupang.com%2Flog%2F
Frame ID: 52A157820948807E09D820FEB63C614A
Requests: 11 HTTP requests in this frame

Frame: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNTIuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1702827631196
Frame ID: 0E6827E2FDAC632D69169CC4CD9A73A7
Requests: 3 HTTP requests in this frame

Frame: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1568D9624A1DF3EBFC0B67AC4507F247
Requests: 1 HTTP requests in this frame

Frame: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83DAECA7DB0618BAD0387BAB52151D58
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8WcAAAaVsH_aM5AAbwwkejrL_28giWTALf6w&u=%7CAivdXJ4RUsY2GQgZEQrb9pYxcKf6CakAHkO8bda6qw0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZXYc4_cGLuk2AFg9wCwpotsK6z_rUExqwXZjzOwOUiQccLdVPWpkAooS3cQ6NhQDCT8RDPSdONo2J_ORs-Y36YrqeC204JW3HWirdnvVyd2pNWeECX_ZJ0ccCRtBRlB0JnRLTgDHP-tyLVZU4xx_ETb85kVBjHjor1XIoBcphEJgDEAkGs3VJ_JWhX4L2dNZvL57A2br4X_l0pFLqlD9kZhQRgefGyoRv0X7-c475vjmRFbWDjDJrcpsAnC2jDN2AfQOZwaoKoZtSgbJys1Pk1Gzo5g4DdxvY4AE6lbCOe3-dbgXECEwNGgIutQQt6vWopuP_SZ37S6DApa204aStPPTlHzLOM54S4EFQ646yu9mqXaetUyKqjuPUDSyOT1kI5Yf5k5QZpQp1uaOcdnoGMd5niJH2VANBRgXRtXV7A385zuqNPM3E0wU9m1outMC2h0JCj03Je_yMfUyY1p78WMXZJL7Y4VOW8hzP9fMNZnEnSoZJ51G6QvSLe2sMrhOF9T-AoLGvYt76OwKl1NVNq71IwObvZqbXo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIaszcBZ_ZdvSAbnG9u8PwuGbkAPJntKxXNWdkfdwwI23ARABIABglaKkgrAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSwAk_QqjQCSYlxn2Ch2Mk2M_vckp0utjtMkx9yqo_aDubbCP7AGUjBBkfw4MbXVlnkNsOZZRaUj17q-SrmRmJa0wb58gbAW6GR_LP4wkP0TRO91DJoK-ko45VO3iodk7pXWNWi_ETV8oHZx1jew2UepDFLUzhvMlQ7mGJFjeiGdchV6UmLdXISDVDMTd8gGH71WEpsazdOsuKld7XBL3sFDt1NT1SRi2eMRWvX28Emy3lM_3mBnyN38ZFUpBtMsFfK0JenfjQxDjK291h54s_AQFTe5ug1MDVy9LHLO2qH7kvn8jybG-aO2z7vMpQv_L6cbyjLvR1b2XzhFbZAFVuynkdQHwjH7_qf4plB2wC_-SACh6_h2l6QatoX69hQNKOj4lig5tX-YexJbCMBEieJnKrgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_8_mg55aDA_IIG2FkeC1zdWJzeW4tNjk5MTI3MTE4NTM5MzQ1MfoLAggBgAwB4g0TCMGs-qDnloMDFTmj_QcdwvAGMtAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sEQdxuN0wsPx_SR87mZCr0nGypQ%26client%3Dca-pub-3665575696298773%26adurl%3D
Frame ID: C7D42CB7B019C4004C17680ECD0CF3B4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60481979D5EB99AF3045475A7D35FA94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4EE612719F324F50196BE9A22A17A0A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

토다와

Page URL History Show full URLs

https://todawa9.asia/ HTTP 301
https://www.todawa52.asia/ HTTP 302
https://www.todawa52.asia/home.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

98 %
HTTPS

64 %
IPv6

16
Domains

26
Subdomains

25
IPs

6
Countries

1725 kB
Transfer

2933 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xn--2j1b408atji.net/
Title: https://www.토다와.net

Search URL Search Domain Scan URL

URL: https://www.uuoobe.kr/bbs/board.php?bo_table=request
Title: 자료요청

Search URL Search Domain Scan URL

URL: https://wekoreatv.vip/home.php
Title: Wetv

Search URL Search Domain Scan URL

URL: https://www.tfreeca22.top/board.php?mode=list&b_id=adult&time=1702827603
Title: 성인

Search URL Search Domain Scan URL

URL: https://sekder.net/?ref=uube
Title: 섹파찾기

Search URL Search Domain Scan URL

URL: http://1bet1.vip/

Search URL Search Domain Scan URL

URL: http://wn-st.com/

Search URL Search Domain Scan URL

URL: http://ww-ot.com/

Search URL Search Domain Scan URL

URL: https://drugpharm.blog/

Search URL Search Domain Scan URL

URL: https://nulpurn.com/shop/item.php?it_id=trel01

Search URL Search Domain Scan URL

URL: https://filecast.co.kr/?p_id=reel

Search URL Search Domain Scan URL

URL: https://herbmming1.com/

Search URL Search Domain Scan URL

URL: http://koko-2011.com/

Search URL Search Domain Scan URL

URL: https://0303.spzhspzh.co/register.html

Search URL Search Domain Scan URL

URL: https://nulppurun.com/shop/item.php?it_id=trel02

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://todawa9.asia/ HTTP 301
https://www.todawa52.asia/ HTTP 302
https://www.todawa52.asia/home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ads-partners.coupang.com/g.js HTTP 302
https://partners.coupangcdn.com/widget/g/main-ac0f3eda23343dff48a4.js

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home.php Show response
www.todawa52.asia/
Redirect Chain

https://todawa9.asia/
https://www.todawa52.asia/
https://www.todawa52.asia/home.php

48 KB
8 KB

288ms
288ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/home.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 116edc6a4845cc248f79f7e244ab63e9b7e1f567bee2755fa3d424fd93974fbc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837043a19f8d22bc-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 15:40:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnJ%2BhwNqIdV3uaWXEHcxT7%2FL2KGNK1mP9gAcCaaA9lpkl74hZf%2BGblaGZKGcanZQIuJkxvw0noZHJNca7onlRMmeFcblw1SSCDJywb5EccQ9AVE%2BI%2Bn0J5Mh%2FOmAvlFNIICvulgXABa%2FgFsV0K%2BbTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8370439e4b4222bc-CDG
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 15:40:22 GMT
location: home.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGgaj9HHMEvQ9%2BZrWs92KAMBO1BjSEAXtDh%2BE9iFc9MC9GeLYxdfuOqMi4T57LvZj4dpXWkv3CNOli0smafkdNd5A6tt%2BZc8Wb4V%2F8QYahqWyejVeqZKV4dZaXW%2BTb7QB0wAXHqAvuzNxqfbh%2FGskg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H/1.1 200
OK PelicanC.dll Show response
ad.abchub.site/cgi-bin/ 3 KB
3 KB 3520ms
302ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Yongin-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bbcd5cfe60b8f22bfa4580ff550220de860dbb95e54211cdcf22095e78c2ec64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 17 Dec 2023 15:40:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H3 200 common.css
www.todawa52.asia/css/ 6 KB
2 KB 441ms
440ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/css/common.css?v5
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308052b1bf48d457ff68c33a498c882f75beaae17118485be2dd3163fe0c7c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Sep 2021 10:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6139e5b9-179f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78%2FcR2e7Ldw1NIxcUcONKa5u25edN3m69mjEsbEMthHKEdcOTrzkGUNtrlM0GqF52xcuqlyRBGMyK03SVxKimO8bc%2B04syk4okCWq6mnElZ4plp%2FbndoVYbp6lZlhPhKcILhm1z4ighjSOGbnBNY7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 837043a378070be0-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 03:40:23 GMT

GET
H3 200 main.css
www.todawa52.asia/css/ 2 KB
982 B 431ms
430ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/css/main.css
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf18a9ed9a6aa889d227de181fe071fe47062764cacd90c4423b81b6bbbee834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Sep 2019 13:18:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d838040-6a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAQhZfZNQnDLsnYNU6yvG6q1dM2NJt71rYc85y0oNSgEz31TUxedD14izWV3kziqUBMuVVmnvp3jJZqdegZYmB0j5v7GPB1etxJWetnz4siTp7EluxxDQie1M8vdUl3qF%2ByyTkd6cQEdjAMPi4j3ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 837043a3780a0be0-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 03:40:23 GMT

GET
H3 200 sub.css
www.todawa52.asia/css/ 6 KB
2 KB 440ms
439ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/css/sub.css
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72855f862df04b84b9755977382129f3f7f22f188f02686807e0eb5df1916155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 14 May 2021 08:41:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"609e37d6-1648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pj1M08AQ6b9YfA4kuA6RuITC2TJ%2FjNPEPX6TgIso8hwLOGDFkRqOl6xmewxlgxP12cFwgVK6Jc%2FeXla29UQmxHQGb7w0lLgnGASt%2F%2BiKhZl8FROt60Gtz4ceFkH6IBHZGhIEwfq87pD0wgmhWVGf3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 837043a3780b0be0-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 03:40:23 GMT

GET
H3 200 iconfont.css
www.todawa52.asia/css/ 5 KB
4 KB 465ms
464ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/css/iconfont.css
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d322485983f9bf6aa843345c3eb6dcc06b6d60555c849a778133ac335aa4251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 08 Oct 2019 00:38:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d9bda7e-1545"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OOfPIqc7awLTsv7kAN1H%2FR60IyPA484O%2BleGXb2VEHXs%2BZ5LnyUCXe9bpWAwRHuIsHXmRwZyC4nZlnkCaW9jNHqQzv9ZquSAMVA8Io7Cn3V0WLYX%2FbscE6By0WjHbKcZOKce0sn4D9gvyRboeMDwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 837043a3780c0be0-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 03:40:23 GMT

GET
H3 200 common.js Show response
www.todawa52.asia/js/ 1 KB
937 B 449ms
448ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.todawa52.asia/js/common.js
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf0d6da2b17b813749a8b61047b209827603fb1fdff3ef336df7e67fe16aefe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 19 Sep 2019 03:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d82f024-5d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1l8HxDwKdz%2F9fOCAdj59YGPHJlFpHtcxfQ4VFD9V%2B75Xl9nPhIO%2BVRPZPf9lAI68TFe9W2G3HlFsC%2FtEem%2FAeYY4igr2Jl0xrkRSIHCK%2BGqUEbq43n0qUwwiGrrlXYwNf1L7JmZ7JT4GEQbRzVayQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 837043a3780d0be0-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 03:40:23 GMT

GET
H3 200 logo.gif
www.todawa52.asia/images/common/ 2 KB
3 KB 37ms
37ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/common/logo.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ea8b8e5fb63e30170770409f524bac18a024b210d690fa0db919212269a14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345108
alt-svc: h3=":443"; ma=86400
content-length: 2449
last-modified: Thu, 19 Sep 2019 04:49:56 GMT
server: cloudflare
etag: "5d8308f4-991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYZIxKgEg8kXtZDmEghcvQly9oLCqGIAq3n8i4SQe1bLkLza5EpbCUpHyALfAVQXFCTTpxBQ8UIHc5A9bABCp3hjcXjQfh4FzCCpAPv976atmr%2FUL0JUNWfteB7ZJF6fKwGCCbdtAaFEIePi43CBBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043a3780f0be0-AMS
expires: Fri, 12 Jan 2024 15:48:33 GMT

GET
H3 200 search.gif
www.todawa52.asia/images/common/ 2 KB
2 KB 39ms
38ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/common/search.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89a06d4661e5607389bec9499b0d799fb723f1319cdb5fd1024fa5d70161075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329636
alt-svc: h3=":443"; ma=86400
content-length: 1782
last-modified: Wed, 18 Sep 2019 05:26:59 GMT
server: cloudflare
etag: "5d81c023-6f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4UKNbXq4G%2Fr7X0NXocf6EWqCr%2BCDhyKQVco2BQmAyKiYKWQiZhJ8d10W2nEeRLN39lINfccipUOkGfAOT6Cl3kYdXUnA1flqenPWGgNqYHsTLUA5oRRzTd2t99%2F%2BWyGtN7VGfzMaeev0TKsO2yZWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043a378110be0-AMS
expires: Fri, 12 Jan 2024 20:06:26 GMT

GET
H3 200 img_19.png
www.todawa52.asia/images/ 1 KB
2 KB 33ms
33ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/img_19.png
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329636
alt-svc: h3=":443"; ma=86400
content-length: 1535
last-modified: Wed, 08 Jun 2022 13:48:46 GMT
server: cloudflare
etag: "62a0a8be-5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J06vFU2SfvXhIuvxUwRDIDj3JZqCuu4NQmsNZT4qgnMl1Ma8GyrKbjH7FReEJ4VUd6ADwXvSoNM3TqGDAPfA1Z4c%2FUvVPzT%2FBmPP%2FRV6rsksDG3FLrA8bEa2PlACsr11ukKW2oYMOnR1vWsfgGxW1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043a3b8480be0-AMS
expires: Fri, 12 Jan 2024 20:06:26 GMT

GET
H/1.1 200
OK bet1_380.jpg
i.keezip.com/ad/ 42 KB
42 KB 2231ms
352ms Image
image/jpeg 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/bet1_380.jpg
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 783361ed917fad413a4249d12774f5b0be1e4e75495da00e3b3e9edb1e10926f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:21 GMT
Last-Modified: Tue, 31 Jan 2023 16:21:48 GMT
Server: nginx/1.15.11
ETag: "63d9401c-a8a2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43170

GET
H/1.1 200
OK wn-xg_1.jpg
i.keezip.com/ad/ 60 KB
60 KB 175ms
174ms Image
image/jpeg 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/wn-xg_1.jpg
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: a4d9e2cbab3e0d55a661df4ffba7c67a137191d93b5e1714cf56b5eafb052c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:21 GMT
Last-Modified: Tue, 10 May 2022 08:41:28 GMT
Server: nginx/1.15.11
ETag: "627a2538-ee19"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60953

GET
H/1.1 200
OK ww-ot_m.jpg
i.keezip.com/ad/ 51 KB
51 KB 200ms
200ms Image
image/jpeg 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/ww-ot_m.jpg
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: fd3a78c44240fc968612ed1a66b1ddf9f2e88ee172a587673e20a3d2709194c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:22 GMT
Last-Modified: Wed, 31 Aug 2022 14:18:44 GMT
Server: nginx/1.15.11
ETag: "630f6dc4-ca78"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51832

GET
H/1.1 200
OK drugpharm_m2.gif
i.keezip.com/ad/ 69 KB
69 KB 292ms
292ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/drugpharm_m2.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 899cd99a24a6950e11055aef298623208bde99364981f3a8b48b2c8580ca3d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:22 GMT
Last-Modified: Sun, 26 Mar 2023 05:15:08 GMT
Server: nginx/1.15.11
ETag: "641fd4dc-114db"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70875

GET
H/1.1 200
OK nulpurn_380.gif
i.keezip.com/ad/ 195 KB
195 KB 1036ms
630ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/nulpurn_380.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 6bd415fb0978ecddc6a9a1e77da54a17e77044f2a7c3d1fb9c6dbe82d2a5dbeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Wed, 06 Dec 2023 03:43:02 GMT
Server: nginx/1.15.11
ETag: "656fedc6-30ccd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 199885

GET
H/1.1 200
OK filecast_m.gif
i.keezip.com/ad/ 10 KB
10 KB 772ms
406ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/filecast_m.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 27ce170f477b80957c55e1939c87820de82f8ce1bc71571477bf78de9ba34ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Sun, 02 Apr 2023 02:29:00 GMT
Server: nginx/1.15.11
ETag: "6428e86c-28e1"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10465

GET
H/1.1 200
OK herbnewming.gif
i.keezip.com/ad/ 142 KB
142 KB 959ms
592ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/herbnewming.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: cf2b04e65eac6603f6472fe3b58bda2918c4a4fdbe0a5878eda75da7d43b4925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Tue, 29 Aug 2023 08:14:39 GMT
Server: nginx/1.15.11
ETag: "64eda8ef-236fc"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145148

GET
H/1.1 200
OK kozow.gif
i.keezip.com/ad/ 35 KB
35 KB 972ms
598ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/kozow.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 95a735225668834c0832ea7ec86aed467fc571e579e54fa9d350250d9a72edc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Sat, 30 Sep 2023 05:46:30 GMT
Server: nginx/1.15.11
ETag: "6517b636-8a34"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35380

GET
H/1.1 200
OK spzhspzh.gif
i.keezip.com/ad/ 160 KB
161 KB 1058ms
649ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/spzhspzh.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: ab16e5f8339f6892b300bdb63997390a666e155ba1f7be149f2e809eb7dcf68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Thu, 12 Oct 2023 02:36:56 GMT
Server: nginx/1.15.11
ETag: "65275bc8-28198"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164248

GET
H/1.1 200
OK sekder.gif
i.keezip.com/ad/ 20 KB
20 KB 500ms
500ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/sekder.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: d22868dbb660acc95fec8868fbbcf2979c3ec66becf9a1e9b64c8a2252553196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:23 GMT
Last-Modified: Fri, 24 Nov 2023 05:09:15 GMT
Server: nginx/1.15.11
ETag: "65602ffb-501e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20510

GET
H3 200 icon_new.gif
www.todawa52.asia/images/ 511 B
1004 B 39ms
38ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/icon_new.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345111
alt-svc: h3=":443"; ma=86400
content-length: 511
last-modified: Thu, 19 Sep 2019 13:42:13 GMT
server: cloudflare
etag: "5d8385b5-1ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0wWYAd7VB41lJT%2FI8PPzrH5Goux%2BTpE9adC4B5k3Gr2XkOpgsYXQtBet2bWBZNdk62%2FH6tbwfC1HlYoBDDdGyld2fOuOqFjDCPyLyqUHnzio1M%2FTGSc08mpv%2BFkA%2BSLLrfzGDqk%2BdhuuGtMudjoBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043ba0a4e0be0-AMS
expires: Fri, 12 Jan 2024 15:48:35 GMT

GET
H3 200 icon_nonew.gif
www.todawa52.asia/images/ 1 KB
2 KB 45ms
45ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/icon_nonew.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345111
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Sat, 12 Oct 2019 14:47:22 GMT
server: cloudflare
etag: "5da1e77a-4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3LxGRatZfB2gmCJtuxgdU56zIPOMzq04877GgJsyMSR9r5Q94dcOJgx%2BvWK2fACgC8j5iTDbWk3qy0oQ%2B1IKDcj5Bk47%2BF0l%2FFZTjFr1%2BN92Ce511UFv6wyKag1YubEsBWl3tJ5M68H0SEi24RSjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043ba0a520be0-AMS
expires: Fri, 12 Jan 2024 15:48:35 GMT

GET
H/1.1 200
OK drugpharm2.gif
i.keezip.com/ad/ 70 KB
70 KB 292ms
292ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/drugpharm2.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 1131f045ddc50292cb1ed4af9659a0850359a37bc401e4a9ef7062a52abb836f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:24 GMT
Last-Modified: Tue, 31 Oct 2023 07:49:40 GMT
Server: nginx/1.15.11
ETag: "6540b194-118c1"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71873

GET
H/1.1 200
OK bet1_250.jpg
i.keezip.com/ad/ 77 KB
78 KB 211ms
211ms Image
image/jpeg 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/bet1_250.jpg
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: 01f68ef3a7eef7b7cc21cacca00a0c191f172d4327e4f04399191ffaac8cae49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:24 GMT
Last-Modified: Tue, 31 Jan 2023 16:22:24 GMT
Server: nginx/1.15.11
ETag: "63d94040-135ab"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79275

GET
H/1.1 200
OK nulpurn_200.gif
i.keezip.com/ad/ 35 KB
35 KB 201ms
201ms Image
image/gif 202.97.174.25
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.keezip.com/ad/nulpurn_200.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.97.174.25 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: nginx/1.15.11 /
Resource Hash: f34285967052f4d10e4732af244d5db654ab1b685b9f505cf770dbc186bc7171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 15:40:24 GMT
Last-Modified: Tue, 22 Aug 2023 14:00:52 GMT
Server: nginx/1.15.11
ETag: "64e4bf94-8c57"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35927

GET
H2 200 jquery-3.6.0.slim.js Show response
code.jquery.com/ 230 KB
68 KB 61ms
20ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.js
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6

Request headers

Referer: https://www.todawa52.asia/
Origin: https://www.todawa52.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 17 Dec 2023 15:40:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8025422
x-cache: HIT, HIT
content-length: 68992
x-served-by: cache-lga21921-LGA, cache-fra-eddf8230037-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702827627.510880,VS0,VE0
etag: W/"28feccc0-3974d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1814, 128

GET
H/1.1 200
OK PelicanC.dll Show response
ad.aceplanet.co.kr/cgi-bin/ 640 B
1 KB 2318ms
316ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=066i&out=script
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Yongin-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 401604b81dd791bf5bf16875bd7d5db040bbf4f672313ab622791ecabac27f8c

Request headers

Referer: https://www.todawa52.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 17 Dec 2023 15:40:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H2 200 tend.js Show response
js.ad4989.co.kr/common/js/ 35 KB
7 KB 4637ms
294ms Script
application/javascript 101.235.211.24
HCNSEOCHOCATV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend.js
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 101.235.211.24 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software: /
Resource Hash: 1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:29 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges: bytes
etag: "616fc340:1aea"
content-length: 6890
content-type: application/javascript

GET
H2

200

main-ac0f3eda23343dff48a4.js Show response
partners.coupangcdn.com/widget/g/
Redirect Chain

https://ads-partners.coupang.com/g.js
https://partners.coupangcdn.com/widget/g/main-ac0f3eda23343dff48a4.js

13 KB
5 KB

108ms
23ms

Script
text/javascript

99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://partners.coupangcdn.com/widget/g/main-ac0f3eda23343dff48a4.js
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H2
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9360e04a7269b6bfe97482d59c4a96934638b7bebc7fe9b3d79f5c21f5a66cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 19:01:14 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 08:51:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 74355
x-amz-server-side-encryption: AES256
etag: W/"5fedb92cc7d7ba26f2ba26791627a224"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4CtyOIWpEPjtJ91O89LgoYuhNd_PBUBhX6iMf50wcmhR2okj4wsXug==

Redirect headers

pragma: no-cache, no-cache
date: Sun, 17 Dec 2023 15:40:29 GMT
strict-transport-security: max-age=31536000
server: nginx
content-language: de-DE
location: https://partners.coupangcdn.com/widget/g/main-ac0f3eda23343dff48a4.js
cache-control: no-cache, no-store, no-cache, no-store
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 widgets.html Show response
ads-partners.coupang.com/ Frame 52A1 14 KB
5 KB 358ms
358ms Document
text/html 88.221.124.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads-partners.coupang.com/widgets.html?id=733320&template=carousel&trackingCode=AF1258410&subId=acecooppy320&width=320&height=480&tsource=&rUrl=&tag=js&resolution=1600x1200&serverBaseUrl=https%3A%2F%2Fads-partners.coupang.com%2F&logServerBaseUrl=https%3A%2F%2Flogs-partners.coupang.com%2Flog%2F

Requested by

Host: ads-partners.coupang.com
URL: https://ads-partners.coupang.com/g.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.124.15 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-124-15.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

08301942ccf98063d3fa6bae145c2d1d0a546bde660406213b9087127e354fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.todawa52.asia/home.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 4343
content-type: text/html;charset=UTF-8
date: Sun, 17 Dec 2023 15:40:30 GMT
observe-browsing-topics: ?1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 tend.js Show response
js.ad4989.co.kr/common/js/ 35 KB
7 KB 1378ms
292ms Script
application/javascript 101.235.211.24
HCNSEOCHOCATV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend.js
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 101.235.211.24 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software: /
Resource Hash: 1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:29 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 07:20:32 GMT
accept-ranges: bytes
etag: "616fc340:1aea"
content-length: 6890
content-type: application/javascript

GET
H/1.1 200
OK PelicanC.dll Show response
ad.abchub.site/cgi-bin/ 3 KB
3 KB 917ms
307ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Yongin-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2d930af4bd5419bf72222580b88380a552e44fc551211bea4f14fee9800c4c59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 17 Dec 2023 15:40:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H2 200 main-63271ccb045a11789d57.js Show response
partners.coupangcdn.com/widget/carousel/default/ Frame 52A1 67 KB
20 KB 25ms
25ms Script
text/javascript 99.86.4.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://partners.coupangcdn.com/widget/carousel/default/main-63271ccb045a11789d57.js
Requested by: Host: ads-partners.coupang.com
URL: https://ads-partners.coupang.com/widgets.html?id=733320&template=carousel&trackingCode=AF1258410&subId=acecooppy320&width=320&height=480&tsource=&rUrl=&tag=js&resolution=1600x1200&serverBaseUrl=https%3A%2F%2Fads-partners.coupang.com%2F&logServerBaseUrl=https%3A%2F%2Flogs-partners.coupang.com%2Flog%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf6544d10716395f3e62d1c9b336b19fb62c85444f2d666975917199c28d7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 02:52:28 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 02:51:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 46083
x-amz-server-side-encryption: AES256
etag: W/"8da6a1055eb1628e0904e94ddb89c88f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: doiOiqVG4ZpCVkoMVsAglALe7CsTNTYPylm5eZI2rF41g-dtcnCTww==

POST
H2 200 page-impression
logs-partners.coupang.com/log/ Frame 52A1 6 B
254 B 1210ms
1127ms Ping
text/plain 104.18.21.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs-partners.coupang.com/log/page-impression?id=733320&widgetName=carousel&datasetId=39&trackingCode=AF1258410&subId=acecooppy320&traceId=V0-591-0000000000000000-I733320&rUrl=https%3A%2F%2Fwww.todawa52.asia%2Fhome.php&resolution=1600x1200&tt=1702827630010&impressionId=20231218004030010011671471&userMeta=eyJzdWJJZCI6ImFjZWNvb3BweTMyMCIsImltZ1NpemUiOiIzMjB4NDgwIiwid2lkdGgiOiIzMjAiLCJoZWlnaHQiOiI0ODAiLCJ0c291cmNlIjoiIn0%3D&productIdSet=%5B%7B%22productId%22%3A6138575604%7D%2C%7B%22productId%22%3A7675072377%7D%2C%7B%22productId%22%3A181699807%7D%2C%7B%22productId%22%3A7757148162%7D%2C%7B%22productId%22%3A7458810098%7D%2C%7B%22productId%22%3A5585425593%7D%2C%7B%22productId%22%3A7492743066%7D%2C%7B%22productId%22%3A7670755320%7D%2C%7B%22productId%22%3A1161017165%7D%2C%7B%22productId%22%3A7201077357%7D%2C%7B%22productId%22%3A6905990689%7D%2C%7B%22productId%22%3A7635087565%7D%2C%7B%22productId%22%3A344528374%7D%2C%7B%22productId%22%3A237362027%7D%2C%7B%22productId%22%3A6424725570%7D%2C%7B%22productId%22%3A1074358643%7D%2C%7B%22productId%22%3A1719993536%7D%2C%7B%22productId%22%3A5302960090%7D%2C%7B%22productId%22%3A305672892%7D%2C%7B%22productId%22%3A6715560668%7D%5D&datasetAbGroup=42217-A&dataSource=GOLDBOX&expectedDataSource=RECOMMENDATION&tempParams=&attrs=%7B%22AB42217%22%3A%22A%22%2C%22GA_RECO%22%3Atrue%2C%22GA_RECO_PRODUCTS%22%3A0%2C%22SOURCE%22%3A%22GOLDBOX%22%2C%22DEFAULT_GOLDBOX%22%3Atrue%2C%22PERSONALIZED%22%3Afalse%2C%22DEFAULTS%22%3Atrue%7D&preview=false

Requested by

Host: partners.coupangcdn.com
URL: https://partners.coupangcdn.com/widget/carousel/default/main-63271ccb045a11789d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.168 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 837043d18c1c4d74-FRA
content-length: 6
content-type: text/plain;charset=UTF-8

GET
H2 200 logo_coupang_w350.png
static.coupangcdn.com/image/coupang/common/ Frame 52A1 7 KB
8 KB 255ms
63ms Image
image/png 2.16.202.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.coupangcdn.com/image/coupang/common/logo_coupang_w350.png
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.202.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 847b414f20844ef4b3f04ab435115b6810c52edf7f6c64a441a8ca8a3381cfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 17 Dec 2023 15:40:30 GMT
last-modified: Fri, 24 Aug 2018 00:23:42 GMT
server: AmazonS3
x-amz-request-id: SFN8F71XJ53DZ2EN
etag: "a8d895f97b5ca3ec61a898c324d781bc"
content-type: image/png
cache-control: max-age=7776000
accept-ranges: bytes
content-length: 7448
x-amz-id-2: 9TMYJ1dzadkEwhwTf3o5tIJzukyqNfSNU3mNLY7pKFaLh1m2ejlmTZGXEm/WdwyiQjwW5fP9WfA=
expires: Sat, 16 Mar 2024 15:40:30 GMT

GET
H2 200 ajax-loader.gif
img1a.coupangcdn.com/image/mobile/ Frame 52A1 3 KB
4 KB 258ms
33ms Image
image/gif 2600:9000:223e:4e00:1c:70ca:66c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img1a.coupangcdn.com/image/mobile/ajax-loader.gif

Requested by

Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:4e00:1c:70ca:66c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 16 Dec 2023 21:48:41 GMT
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 64313
x-cache: Hit from cloudfront
content-length: 3208
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Aug 2018 00:19:10 GMT
server: AmazonS3
etag: "a51c5608d01acf32df728f299767f82b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: SSZ93ynptwoJj_7QJHaQT0osJY6gLZloq1D5udrytHEZcIylf3XzJg==

GET
H2 200 8330216492185158-3c5ae22c-9540-4353-8dbe-af2d0027b53d.jpg
t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/ Frame 52A1 31 KB
31 KB 151ms
23ms Image
image/jpeg 2600:9000:214f:3e00:18:c55a:9580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/8330216492185158-3c5ae22c-9540-4353-8dbe-af2d0027b53d.jpg

Requested by

Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:18:c55a:9580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cb70fece6a40931a960f9dad48a6929364541844013f98cfe63e6f78a3e44550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:09:00 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 1092690
x-cache: Hit from cloudfront
content-length: 31319
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Sep 2022 06:19:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
x-amz-cf-id: 55f-cnR__ruU5B2viZpjvsHm4yQIpm8Xn5jnCk7_H_ASPUx7AIEROg==
expires: Thu, 04 Jan 2024 00:09:00 GMT

GET
H2 200 b843c435-453a-411c-aaaa-e55dcb0036a0.jpg
t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/2023/10/25/14/5/ Frame 52A1 21 KB
21 KB 168ms
40ms Image
image/jpeg 2600:9000:214f:3e00:18:c55a:9580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/2023/10/25/14/5/b843c435-453a-411c-aaaa-e55dcb0036a0.jpg

Requested by

Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:18:c55a:9580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

79a7a4a7d47e36b28735a2eb6d7072da4d4b8fe4d53c9d914c8ae1858896c05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:47:32 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 57178
x-cache: Hit from cloudfront
content-length: 21505
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 25 Oct 2023 05:25:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
x-amz-cf-id: LwSrOyZ1fQucRpyOJXV9UvCuZXS5b1FYG5QIa9Pk2P6L8hp6qGhpQQ==
expires: Mon, 15 Jan 2024 23:47:32 GMT

POST
H2 200 impression
logs-partners.coupang.com/log/ Frame 52A1 6 B
362 B 1198ms
1118ms Ping
text/plain 104.18.21.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs-partners.coupang.com/log/impression?id=733320&widgetName=carousel&datasetId=39&trackingCode=AF1258410&subId=acecooppy320&traceId=V0-591-0000000000000000-I733320&rUrl=https%3A%2F%2Fwww.todawa52.asia%2Fhome.php&resolution=1600x1200&tt=1702827630010&impressionId=20231218004030010011671471&userMeta=eyJzdWJJZCI6ImFjZWNvb3BweTMyMCIsImltZ1NpemUiOiIzMjB4NDgwIiwid2lkdGgiOiIzMjAiLCJoZWlnaHQiOiI0ODAiLCJ0c291cmNlIjoiIn0%3D&productIdSet=%5B%7B%22productId%22%3A6138575604%7D%2C%7B%22productId%22%3A7675072377%7D%2C%7B%22productId%22%3A181699807%7D%2C%7B%22productId%22%3A7757148162%7D%2C%7B%22productId%22%3A7458810098%7D%2C%7B%22productId%22%3A5585425593%7D%2C%7B%22productId%22%3A7492743066%7D%2C%7B%22productId%22%3A7670755320%7D%2C%7B%22productId%22%3A1161017165%7D%2C%7B%22productId%22%3A7201077357%7D%2C%7B%22productId%22%3A6905990689%7D%2C%7B%22productId%22%3A7635087565%7D%2C%7B%22productId%22%3A344528374%7D%2C%7B%22productId%22%3A237362027%7D%2C%7B%22productId%22%3A6424725570%7D%2C%7B%22productId%22%3A1074358643%7D%2C%7B%22productId%22%3A1719993536%7D%2C%7B%22productId%22%3A5302960090%7D%2C%7B%22productId%22%3A305672892%7D%2C%7B%22productId%22%3A6715560668%7D%5D&datasetAbGroup=42217-A&dataSource=GOLDBOX&expectedDataSource=RECOMMENDATION&tempParams=&attrs=%7B%22AB42217%22%3A%22A%22%2C%22GA_RECO%22%3Atrue%2C%22GA_RECO_PRODUCTS%22%3A0%2C%22SOURCE%22%3A%22GOLDBOX%22%2C%22DEFAULT_GOLDBOX%22%3Atrue%2C%22PERSONALIZED%22%3Afalse%2C%22DEFAULTS%22%3Atrue%7D&preview=false

Requested by

Host: partners.coupangcdn.com
URL: https://partners.coupangcdn.com/widget/carousel/default/main-63271ccb045a11789d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.168 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 837043d18c1f4d74-FRA
content-length: 6
content-type: text/plain;charset=UTF-8

GET
H2 200 jquery-3.6.0.slim.js Show response
code.jquery.com/ 230 KB
68 KB 25ms
25ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.js
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6

Request headers

Referer: https://www.todawa52.asia/
Origin: https://www.todawa52.asia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 17 Dec 2023 15:40:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8025426
x-cache: HIT, HIT
content-length: 68992
x-served-by: cache-lga21921-LGA, cache-fra-eddf8230037-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702827631.744640,VS0,VE0
etag: W/"28feccc0-3974d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1814, 129

GET
H/1.1 200
OK PelicanC.dll Show response
ad.aceplanet.co.kr/cgi-bin/ 2 KB
3 KB 921ms
307ms Script
text/html 211.226.25.200
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script
Requested by: Host: ad.abchub.site
URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 211.226.25.200 Yongin-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 72863df27774cdc732cd14c6373ed2fbb25b7baaba2456673bf8685e784e6e83

Request headers

Referer: https://www.todawa52.asia/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Pragma: no-cache
Date: Sun, 17 Dec 2023 15:40:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Microsoft-IIS/10.0
Connection: close
Content-type: text/html

GET
H/1.1 200
OK WebLog.dll Show response
engine.tend-table.com/cgi-bin/ Frame 0E68 566 B
669 B 2606ms
734ms Document
text/html 220.117.190.132
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNTIuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1702827631196
Requested by: Host: js.ad4989.co.kr
URL: https://js.ad4989.co.kr/common/js/tend.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 220.117.190.132 Seoul, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a58665078337891f1c79159a58f062e1883fbf36982791c50216b1ed89b1f050

Request headers

Referer: https://www.todawa52.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Date: Sun, 17 Dec 2023 15:40:33 GMT
Server: Microsoft-IIS/10.0

POST
H2 200 items-impression
logs-partners.coupang.com/log/ Frame 52A1 6 B
280 B 1098ms
1097ms Ping
text/plain 104.18.21.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs-partners.coupang.com/log/items-impression?id=733320&impressionId=20231218004030010011671471&trackingCode=AF1258410&itemIds=6138575604&vendorItemIds=79031340021

Requested by

Host: partners.coupangcdn.com
URL: https://partners.coupangcdn.com/widget/carousel/default/main-63271ccb045a11789d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.168 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 837043d72b994d74-FRA
content-length: 6
content-type: text/plain;charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 186ms
116ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.aceplanet.co.kr
URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

165cce343e9ac8e23c654044ae000a76a621d9679ec143cb44c32576365ad806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28982
x-xss-protection: 0
server: cafe
etag: 659 / 19708 / 31080057 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 15:40:31 GMT

GET
H3 200 img_19.png
www.todawa52.asia/images/ 1 KB
2 KB 35ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/img_19.png
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329645
alt-svc: h3=":443"; ma=86400
content-length: 1535
last-modified: Wed, 08 Jun 2022 13:48:46 GMT
server: cloudflare
etag: "62a0a8be-5ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DS72ClkPn1uW1ctJqq85e4yhLSlAUCAGYk96Mf%2F%2FGYI2Q%2FTZGGpkFmhl1vX0gZQaxLjo5rLQo9Z5GByb2mkX28k7n9JU5jyFaUkgdl1oUMINrAfp%2BBgijEQfWLvw3wD4qXuVQJ2DMqTNXvZxaKua6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043d9ffcd0be0-AMS
expires: Fri, 12 Jan 2024 20:06:26 GMT

GET
H3 200 icon_new.gif
www.todawa52.asia/images/ 511 B
995 B 39ms
39ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/icon_new.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345116
alt-svc: h3=":443"; ma=86400
content-length: 511
last-modified: Thu, 19 Sep 2019 13:42:13 GMT
server: cloudflare
etag: "5d8385b5-1ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FDmDY66eJmRd13p59r2xioz8tBQUsqoW%2FosdWzAN9ugBInw3Eg7etKe2Wx9xyg1Sd50gKWSAvLSySSoVYWPXIQaxTRh7K7cD0YXbY0qHzAAcDb8GlCNZuz6avULCSrhF1noPXQJGq8teiVo2tIadg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043d9ffcf0be0-AMS
expires: Fri, 12 Jan 2024 15:48:35 GMT

GET
H3 200 icon_nonew.gif
www.todawa52.asia/images/ 1 KB
2 KB 36ms
35ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/icon_nonew.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345116
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Sat, 12 Oct 2019 14:47:22 GMT
server: cloudflare
etag: "5da1e77a-4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZHQNR2wSYTBWPy%2BT8rG8139XRLLTY%2B63ZpAk4DgaNbgoxd3RprulzIr8l2YokXZnUbT43uFMH1VQ%2BPAyv2akYGLEQ8qc%2BN0OKG%2BlfzoJY22V9Kwnuq4t3TLKSEn0pB0dUcCoXLjx2%2Fh5%2BRJ0IR1FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043d9ffd10be0-AMS
expires: Fri, 12 Jan 2024 15:48:35 GMT

GET
H3 200 main_bg.gif
www.todawa52.asia/images/common/ 1 KB
2 KB 36ms
36ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/common/main_bg.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/css/common.css?v5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e5ce83a1abacd834f7e44a3be40475fdbb8034a7a1f1da33ab6ad985d0b94a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/css/common.css?v5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170425
alt-svc: h3=":443"; ma=86400
content-length: 1215
last-modified: Wed, 18 Sep 2019 07:12:58 GMT
server: cloudflare
etag: "5d81d8fa-4bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KP9Tyc0jQY9LA%2FGNDq0uKjKAMzpKFlp86o9wB6Qmt3t70SYUIOjQ5DvuDW4OpqcSX0lNpq2wCXkgez9Tr6HeQKnfmTHaDugEILdW%2BbpmwfoDFOlRL1O6G5h5P8F5zHeQJJz9maqWILQpeWRA%2By%2FGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043d9ffd90be0-AMS
expires: Sun, 14 Jan 2024 16:20:05 GMT

GET
H3 200 more.gif
www.todawa52.asia/images/main/ 1 KB
2 KB 38ms
37ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.todawa52.asia/images/main/more.gif
Requested by: Host: www.todawa52.asia
URL: https://www.todawa52.asia/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7985a42dd917c9daf4cd2288e298caab5320df9927ee0ccdf43fed99f2cacf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345113
alt-svc: h3=":443"; ma=86400
content-length: 1192
last-modified: Wed, 18 Sep 2019 05:26:59 GMT
server: cloudflare
etag: "5d81c023-4a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUro%2BSFoFUztggnefCK95QI6OGOCBldxZN1eAzdNdA7VS%2BJJHP3gyLF5zkpKnkN0WzZ01ML9xEi0Qo%2B5YoymwhFKkNelabGX%2F5NOxYnvtThRXxpjVz8xIJV%2F1yvIFgcqBlbCYlFiVNLp9UqOZrNvAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 837043d9ffdb0be0-AMS
expires: Fri, 12 Jan 2024 15:48:38 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24466
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Dec 2024 08:52:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 62 B
74 B 91ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.todawa52.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873c92c0f5808842227fc7b93aa70f48a816abedf57bd268de030969f4734bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
x-xss-protection: 0
expires: Sun, 17 Dec 2023 15:40:31 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 187ms
187ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=438902248146049&correlator=2810002225584905&eid=31080123%2C31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=21682743634%3A22431107073%2CS011%2Cplaystore%2Cga02%2Cpc%2Cpost_right_bottom_btf_300x250&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=www.todawa52.asia&abxe=1&dt=1702827631974&adxs=1268&adys=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=%2F%2Fplay-store.co.kr&loc=https%3A%2F%2Fwww.todawa52.asia%2Fhome.php&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=2093696456.1702827632&ga_sid=1702827632&ga_hid=618104456&ga_fc=false&dlt=1702827622936&idt=9007&adks=3759869028&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95cc2e4f776efa221869f535cff4e6a4fe29c38490ea5da27151f1bf15e73563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.todawa52.asia
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1568 6 KB
3 KB 152ms
80ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todawa52.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:40:32 GMT
expires: Mon, 16 Dec 2024 15:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83DA 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todawa52.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:40:32 GMT
expires: Mon, 16 Dec 2024 15:40:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C7D4 164 KB
52 KB 205ms
114ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8WcAAAaVsH_aM5AAbwwkejrL_28giWTALf6w&u=%7CAivdXJ4RUsY2GQgZEQrb9pYxcKf6CakAHkO8bda6qw0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZXYc4_cGLuk2AFg9wCwpotsK6z_rUExqwXZjzOwOUiQccLdVPWpkAooS3cQ6NhQDCT8RDPSdONo2J_ORs-Y36YrqeC204JW3HWirdnvVyd2pNWeECX_ZJ0ccCRtBRlB0JnRLTgDHP-tyLVZU4xx_ETb85kVBjHjor1XIoBcphEJgDEAkGs3VJ_JWhX4L2dNZvL57A2br4X_l0pFLqlD9kZhQRgefGyoRv0X7-c475vjmRFbWDjDJrcpsAnC2jDN2AfQOZwaoKoZtSgbJys1Pk1Gzo5g4DdxvY4AE6lbCOe3-dbgXECEwNGgIutQQt6vWopuP_SZ37S6DApa204aStPPTlHzLOM54S4EFQ646yu9mqXaetUyKqjuPUDSyOT1kI5Yf5k5QZpQp1uaOcdnoGMd5niJH2VANBRgXRtXV7A385zuqNPM3E0wU9m1outMC2h0JCj03Je_yMfUyY1p78WMXZJL7Y4VOW8hzP9fMNZnEnSoZJ51G6QvSLe2sMrhOF9T-AoLGvYt76OwKl1NVNq71IwObvZqbXo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIaszcBZ_ZdvSAbnG9u8PwuGbkAPJntKxXNWdkfdwwI23ARABIABglaKkgrAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSwAk_QqjQCSYlxn2Ch2Mk2M_vckp0utjtMkx9yqo_aDubbCP7AGUjBBkfw4MbXVlnkNsOZZRaUj17q-SrmRmJa0wb58gbAW6GR_LP4wkP0TRO91DJoK-ko45VO3iodk7pXWNWi_ETV8oHZx1jew2UepDFLUzhvMlQ7mGJFjeiGdchV6UmLdXISDVDMTd8gGH71WEpsazdOsuKld7XBL3sFDt1NT1SRi2eMRWvX28Emy3lM_3mBnyN38ZFUpBtMsFfK0JenfjQxDjK291h54s_AQFTe5ug1MDVy9LHLO2qH7kvn8jybG-aO2z7vMpQv_L6cbyjLvR1b2XzhFbZAFVuynkdQHwjH7_qf4plB2wC_-SACh6_h2l6QatoX69hQNKOj4lig5tX-YexJbCMBEieJnKrgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_8_mg55aDA_IIG2FkeC1zdWJzeW4tNjk5MTI3MTE4NTM5MzQ1MfoLAggBgAwB4g0TCMGs-qDnloMDFTmj_QcdwvAGMtAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sEQdxuN0wsPx_SR87mZCr0nGypQ%26client%3Dca-pub-3665575696298773%26adurl%3D

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a4627e31c21d797c278d8a10b656d1df029479270f65711af926a92390dd2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:40:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=I3q82UqaRgiyEL6kW7IqMKj1tKQdR9G7ArXg-h0xC-d8vmUl4k58YdkVjNucVAgBAG4UrRC4PuWnK3nd1RlSniVUnee_MHy99DZcRXfIPJPd6aD8oZBm-dEDaANpcd8sRtBBw0KKdh99dY0rlrG5eogXlmnZDVayJobQ1KHxCH8yjIxXRQCCU5EM7GAlVuptg1T1mwr5gbJEgggjlAYBk5RdaH3xdZ1Pai6_z7E35vGRwUpTxC9lgHuSuYY45YzbyUoaDg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58141436
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83DA 3 KB
1 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 08:14:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83DA 20 KB
9 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:54:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 83DA 24 KB
7 KB 67ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 482643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83DA 203 KB
65 KB 79ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 15:40:32 GMT

GET
DATA 200
OK truncated
/ Frame 83DA 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69a455a83d3849bbd05acb2927a8fb67665a8a24a13bc80256ca44025100709

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 83DA 0
0 66ms
66ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBow8cBZ_ZdvSAbnG9u8PwuGbkAPJntKxXNWdkfdwwI23ARABIABglaKkgrAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgStAk_QqjQCSYlxn2Ch2Mk2M_vckp0utjtMkx9yqo_aDubbCP7AGUjBBkfw4MbXVlnkNsOZZRaUj17q-SrmRmJa0wb58gbAW6GR_LP4wkP0TRO91DJoK-ko45VO3iodk7pXWNWi_ETV8oHZx1jew2UepDFLUzhvMlQ7mGJFjeiGdchV6UmLdXISDVDMTd8gGH71WEpsazdOsuKld7XBL3sFDt1NT1SRi2eMRWvX28Emy3lM_3mBnyN38ZFUpBtMsFfK0JenfjQxDjK291h54s_AQFTe5ug1MDVy9LHLO2qH7kvn8jybG-aO2z7vMpQv_L6cbyjLvR1b2XzhFbZAFVuynkdQHwjH7_qfoJtgSYAsKR2kV4g7Vn55ztQw4W5aGrshVpCdQCdBf8BR9OmVMs7gBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_8_mg55aDA_IIG2FkeC1zdWJzeW4tNjk5MTI3MTE4NTM5MzQ1MYAKA_oLAggBgAwB4g0TCMGs-qDnloMDFTmj_QcdwvAGMtAVAYAXAbIXHAoaEhRwdWItMzY2NTU3NTY5NjI5ODc3MxjazWs&sigh=G_o39NoGS1g&uach_m=%5BUACH%5D&cid=CAQSLQAvHhf_S3tGmes46ZQ7SIOTubI3SFusK8lQKiaG6CxVQwFFkO4RREQU9G6C1BgB&cbvp=2&vis=1
Requested by: Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 83DA 0
126 B 103ms
32ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k47EGMc1rAL6AZ2DYgICAAAAhWPcdbBWuzo3sI8tpxDBfBBvFn9lyMpXey5GMB8jNgAAEgAACgpBUVVCRHdFUER3&wp=ZX8WcAAAaVsH_aM5AAbwwkejrL_28giWTALf6w&cbvp=2

Requested by

Host: 9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 134331
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C7D4 2 KB
1 KB 149ms
78ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX8WcAAAaVsH_aM5AAbwwkejrL_28giWTALf6w&u=%7CAivdXJ4RUsY2GQgZEQrb9pYxcKf6CakAHkO8bda6qw0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZDDsO1x7lnZXYc4_cGLuk2AFg9wCwpotsK6z_rUExqwXZjzOwOUiQccLdVPWpkAooS3cQ6NhQDCT8RDPSdONo2J_ORs-Y36YrqeC204JW3HWirdnvVyd2pNWeECX_ZJ0ccCRtBRlB0JnRLTgDHP-tyLVZU4xx_ETb85kVBjHjor1XIoBcphEJgDEAkGs3VJ_JWhX4L2dNZvL57A2br4X_l0pFLqlD9kZhQRgefGyoRv0X7-c475vjmRFbWDjDJrcpsAnC2jDN2AfQOZwaoKoZtSgbJys1Pk1Gzo5g4DdxvY4AE6lbCOe3-dbgXECEwNGgIutQQt6vWopuP_SZ37S6DApa204aStPPTlHzLOM54S4EFQ646yu9mqXaetUyKqjuPUDSyOT1kI5Yf5k5QZpQp1uaOcdnoGMd5niJH2VANBRgXRtXV7A385zuqNPM3E0wU9m1outMC2h0JCj03Je_yMfUyY1p78WMXZJL7Y4VOW8hzP9fMNZnEnSoZJ51G6QvSLe2sMrhOF9T-AoLGvYt76OwKl1NVNq71IwObvZqbXo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIaszcBZ_ZdvSAbnG9u8PwuGbkAPJntKxXNWdkfdwwI23ARABIABglaKkgrAHggEXY2EtcHViLTM2NjU1NzU2OTYyOTg3NzPIAQmpAg6oy9JgR7I-4AIAqAMByAMCqgSwAk_QqjQCSYlxn2Ch2Mk2M_vckp0utjtMkx9yqo_aDubbCP7AGUjBBkfw4MbXVlnkNsOZZRaUj17q-SrmRmJa0wb58gbAW6GR_LP4wkP0TRO91DJoK-ko45VO3iodk7pXWNWi_ETV8oHZx1jew2UepDFLUzhvMlQ7mGJFjeiGdchV6UmLdXISDVDMTd8gGH71WEpsazdOsuKld7XBL3sFDt1NT1SRi2eMRWvX28Emy3lM_3mBnyN38ZFUpBtMsFfK0JenfjQxDjK291h54s_AQFTe5ug1MDVy9LHLO2qH7kvn8jybG-aO2z7vMpQv_L6cbyjLvR1b2XzhFbZAFVuynkdQHwjH7_qf4plB2wC_-SACh6_h2l6QatoX69hQNKOj4lig5tX-YexJbCMBEieJnKrgBAGABvWnnZCYlf64cKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli_8_mg55aDA_IIG2FkeC1zdWJzeW4tNjk5MTI3MTE4NTM5MzQ1MfoLAggBgAwB4g0TCMGs-qDnloMDFTmj_QcdwvAGMtAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sEQdxuN0wsPx_SR87mZCr0nGypQ%26client%3Dca-pub-3665575696298773%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C7D4 2 KB
1 KB 154ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C7D4 308 B
636 B 150ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C7D4 293 B
621 B 149ms
80ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C7D4 43 B
348 B 90ms
30ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iQhXa53gPfgEnCaj6vwb1cS3pMq2lEtggvRvXJh5NSkLzcZrKcGSd-yZpyU-xta3pv49i-8oD1lxkv2pIAex5Y9tItagSR2etcMPGv-dnSNw54BAKWK4a9TfACGwS7wyEhct-rA0X-9AA1eEPZ8MwjSDO8YR-7uoRQPk110GzWGl79Cd0biHw2PDEYPG5lS59OZ03bb2SbHaqV2PRmuDCTWpBI3nHhPbpBUP5SiYbPUOoJXZYXGDxZdYcJPdqfa7BIojhCcPY8XP3UNCKQWCKwBZH1ABrHuoZ58poqMslVfqeAvoDaw-9sTSR0-q7IJDXEWkY8xcLi5t2CW_AFhbXVSETqKdbzIXgBUSQd1slANXOG6yvoSwvQq6GBqAHgeVou83St71_6gxPIfrcjj9TQGOQ5CoiBtwC7z8brVKaCdcPwHY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1958623
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C7D4 12 KB
6 KB 100ms
87ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 9 KB
9 KB 410ms
73ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=132&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=tjTSKSsIG8TQAGicRvuOPnYH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9479
expires: Fri, 06 Dec 2024 05:49:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 12 KB
12 KB 433ms
95ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F13430_102.jpg%3F1652958217_2&v=3&w=400&rid=4&s=cGo3sfQ2yd_MzDLy8b4piPL4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

109586e1723757908c2bcd8a0fb78d4dc4fe5fd5e04589b9fcca888d2a97b907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12578
expires: Wed, 03 Jan 2024 11:21:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 16 KB
16 KB 409ms
72ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Wed, 03 Jan 2024 21:55:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C7D4 0
128 B 369ms
39ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=I3q82UqaRgiyEL6kW7IqMKj1tKQdR9G7ArXg-h0xC-d8vmUl4k58YdkVjNucVAgBAG4UrRC4PuWnK3nd1RlSniVUnee_MHy99DZcRXfIPJPd6aD8oZBm-dEDaANpcd8sRtBBw0KKdh99dY0rlrG5eogXlmnZDVayJobQ1KHxCH8yjIxXRQCCU5EM7GAlVuptg1T1mwr5gbJEgggjlAYBk5RdaH3xdZ1Pai6_z7E35vGRwUpTxC9lgHuSuYY45YzbyUoaDg&sds=2&rev=89791&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C7D4 2 KB
1 KB 80ms
79ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C7D4 2 KB
1 KB 60ms
60ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:40:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 16 KB
16 KB 46ms
46ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Wed, 03 Jan 2024 21:55:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 9 KB
9 KB 43ms
43ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9479
expires: Fri, 06 Dec 2024 05:49:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame C7D4 12 KB
12 KB 44ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

109586e1723757908c2bcd8a0fb78d4dc4fe5fd5e04589b9fcca888d2a97b907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12578
expires: Wed, 03 Jan 2024 11:21:57 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83DA 42 B
404 B 283ms
231ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoQSCJkTe6lBr4ET0pim70C0Cvi4uwU7dFeVMvDKLym1lGkrIL9douNKExgWkKxjXtr1tABfJPLEFG0oQ-VDfbfwAakiLt4D7GhuHI_pw7cnQrkrms&sig=Cg0ArKJSzJ2vRklqOAy6EAE&id=lidar2&mcvt=1000&p=926,1268,1176,1568&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3759869028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702827632175&rpt=176&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 15:40:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C7D4 0
127 B 44ms
44ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 15:40:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 8482837743571141-a1b150da-62d3-4ae6-8158-d6931aa7d859.jpg
t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/ Frame 52A1 14 KB
15 KB 31ms
30ms Image
image/jpeg 2600:9000:214f:3e00:18:c55a:9580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3c.coupangcdn.com/thumbnails/remote/318x318ex/image/retail/images/8482837743571141-a1b150da-62d3-4ae6-8158-d6931aa7d859.jpg

Requested by

Host: www.todawa52.asia
URL: https://www.todawa52.asia/home.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3e00:18:c55a:9580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

736c2b461b255661d3cd98998bc2dfc4128b27e765130b75b246a0d77378d589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:48:48 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 57105
x-cache: Hit from cloudfront
content-length: 14526
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 30 Sep 2022 01:14:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
x-amz-cf-id: eUTA9Z5hRfAIUtOhjJL6fnRV6M1Ix0ahO8iWLAmsUR3V7WB_9RJfSg==
expires: Mon, 15 Jan 2024 23:48:48 GMT

GET
H2 200 tend_child.js Show response
js.ad4989.co.kr/common/js/ Frame 0E68 14 KB
4 KB 292ms
292ms Script
application/javascript 101.235.211.24
HCNSEOCHOCATV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad4989.co.kr/common/js/tend_child.js
Requested by: Host: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=CONF&keyword=&ref=aHR0cHM6Ly93d3cudG9kYXdhNTIuYXNpYS9ob21lLnBocA==&inflow=&adurl=//ad.abchub.site&lang=utf-8&tm=1702827631196
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 101.235.211.24 Seoul, Korea, Republic Of, ASN9569 (HCNSEOCHOCATV-AS-KR SEOCHO CABLE SYSTEMS CO., LTD., KR),
Reverse DNS
Software: /
Resource Hash: 825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engine.tend-table.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:32 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 10:01:26 GMT
accept-ranges: bytes
etag: "5e539ef6:1164"
content-length: 4452
content-type: application/javascript

GET WebLog.dll
engine.tend-table.com/cgi-bin/ Frame 0E68 0
0

POST
H2 200 items-impression
logs-partners.coupang.com/log/ Frame 52A1 6 B
81 B 346ms
345ms Ping
text/plain 104.18.21.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://logs-partners.coupang.com/log/items-impression?id=733320&impressionId=20231218004030010011671471&trackingCode=AF1258410&itemIds=7675072377&vendorItemIds=87563702086

Requested by

Host: partners.coupangcdn.com
URL: https://partners.coupangcdn.com/widget/carousel/default/main-63271ccb045a11789d57.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.168 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads-partners.coupang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 837043e9e9294d74-FRA
content-length: 6
content-type: text/plain;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6677af19e9824dc335a23523541fb67f25e72b495b70977755d920ed931a23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12320
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 15:40:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6048 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.todawa52.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:37:14 GMT
expires: Mon, 16 Dec 2024 15:37:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4EE6 829 B
1 KB 77ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdb1ec23025bb33aa8e935beea1c5456d510177178892c3b0281ee2035caf3ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8mmbPGCvmArzuyfeN1gWcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.todawa52.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8mmbPGCvmArzuyfeN1gWcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 15:40:34 GMT
expires: Sun, 17 Dec 2023 15:40:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6048 39 KB
15 KB 58ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 08:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 08:14:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4EE6 0
0 53ms
52ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=438902248146049&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6048 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gLiTKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:40:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=438902248146049&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfONuDr9LC9Urrcey94gF63rVXQDbwmTn4RmMC-3tlglgZ1_vGqikPvsS3juyjDhxGAgAAADNSAAAAAmgBB5kC6mKDE6JMtvavJBcfgfTBMkzBqL59-3VY1NpnmQJnQiS3y_RBX9DtL9vPS0aYTxWjfmFdSAmxG-NdnI0AbudjcMBXzf79c5gpzi0UsBGhqLjr7HqRBUTkwa6ZD8i6UZeq12qacOe0Qt-UxVTWNmIU1s88s91YgnPq93Dj3fDrugr9JsGFmnlMy_CEGyuomL8WiEytgkVmNcqUO0nB--e7bzT1x0oQQjSFWYMDx2_MG-IECMsR-k6KooQmW6j_NDGhkJ_CJHvkzwtV8_kR5R_-BwLgYanJ8o1tC9SEuUDufrKdsqocRRORgX8NLIqcduHRGnqY_fYnKe68r9rPNHNPdioK_jtAdEzdZC_cb0OnfqCZ-jkQ457JI62ciDtvnlzpqRSc6wjT9g9fi8_NdDmBPCS8UooudaznDflXr7YsxnEVp37G5nnreQdIhB3cWlp3ZZyXWDYSBiPJQUQKPNdmyzQKhvS6ArkWG2fVXBT_CyAFjKtV8H1P7ALpbAJg_CfVci5rT0E5eBhrvT3iA02WrAX4KONMN5C8_luJdZLj-bgbbOYEDvK3Ot8DFrwUU9Goku8ld60QTfCQnY2NGzRb9Q3F3WcJrxmFt_c1HOuCBs02PAp6XPWbFfFS5qlT6cT9Zvp6NYaH2OTpb99zddP-C3mGhq2liMBxFg-If73wvkAYDZoFGn49Cmm06nFkFIq6w1lgCWH5UaC4XUqDKfNuF1jwweiJCwmtaT5D8hlz8RqZdfgAC0EGFZfRRRPUqj-zFBx1_fCWvr379lLwEEcYEqs38MJ3-X8jyvxTwBcEaeCYW2GH269oxsTwZSdlxE6DAU3hD9PqgoLxQQzYynztVL6aC3-Et1B4SX6xOBDyK9JD_J_GYyrMB1lGpL0Gyn0BisPBfyMpCofWJNj81UPwsKboWTpIM_G3AuCj29vqWmlc6NYsmzbuhB4RDy75mDS30YRbznl0iTnoNkTWaqHnHnFQmS3A6ApWp-Rl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.todawa52.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: engine.tend-table.com
URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cHM6Ly93d3cudG9kYXdhNTIuYXNpYS9ob21lLnBocA==&inflow=&query=&lang=utf-8&cookieval=&tm=1702827634102&jquerycallback=foinCookie.setReferrer_local

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad.abchub.site/	1970-01-20 17:21:09	Name: FOIN_REF1 Value: https://www.todawa52.asia/
ad.abchub.site/	1970-01-21 02:36:27	Name: HEAD Value: 021050TyiBBVp
ad.aceplanet.co.kr/	1970-01-20 17:21:09	Name: FOIN_REF1 Value: https://www.todawa52.asia/
ad.aceplanet.co.kr/	1970-01-21 02:36:27	Name: HEAD Value: 021050TyiBC0w
ads-partners.coupang.com/	1970-01-20 17:10:32	Name: AWSALBTGCORS Value: KHInNTF/G7NG/7u5K/KV9OmXTP+92FW/EqljypHmanCM4lKLi/yf93cZ5woNtZF6sGKerzQlortLjwMYOw70SlyrAqtzAnlqaoP5wnBlNZNbgSTici2ioJ+Y4BpJMXbKKXI6js4bCxZFD9YqVmgZZ/XW8OcoaWH1uTfISk0MAIsxr3OAK7U=
ads-partners.coupang.com/	1970-01-20 17:10:32	Name: AWSALBCORS Value: nl8Lip8CrivWbhBjfFH1UQHHYCsU6riV4eElGjLdcksju4k25mwLhve6KRY9SOcP6FKuCR83dOGfcVpRMrhogjVeZauY4HOacOtQPBUB5E4jd3OhGyc5kwzxH+pI
.todawa52.asia/	1970-01-21 02:22:03	Name: __gads Value: ID=141cb4e5bd1e8482:T=1702827631:RT=1702827631:S=ALNI_MYn3jGlprcXq5kkNfXetLzL-t2Ikw
.coupang.com/	1970-01-20 17:00:29	Name: __cf_bm Value: MEqU8egpQ6aCEz6jZqB8Kosci8nul15O2qjTIKli8yo-1702827632-1-AZkl65n7VlS1IETVw6OsyGctYNrteOMclE90mHESyS6WTEyX2BG+w7D4+45yq5HNUjOlhiDlUaRgGyqJ0LNmOWM=
.doubleclick.net/	1970-01-21 02:22:03	Name: IDE Value: AHWqTUnvv_4-jmqKI4j3sGuyuujHodVo0dPEETHk9G-_ocxpX02CRfspy8qNm99jawo

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=066i&out=script, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=066i&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads-partners.coupang.com/g.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=066i&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads-partners.coupang.com/g.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ad.abchub.site/cgi-bin/PelicanC.dll?impr?pageid=0FAE&out=script Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ad.aceplanet.co.kr/cgi-bin/PelicanC.dll?impr?pageid=05yZ&out=script, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://engine.tend-table.com/cgi-bin/WebLog.dll?servicename=REF&ref=aHR0cHM6Ly93d3cudG9kYXdhNTIuYXNpYS9ob21lLnBocA==&inflow=&query=&lang=utf-8&cookieval=&tm=1702827634102&jquerycallback=foinCookie.setReferrer_local Message: Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a7c006d686e1cbbd073e8ef3bcdda07.safeframe.googlesyndication.com
ad.abchub.site
ad.aceplanet.co.kr
ads-partners.coupang.com
ads.eu.criteo.com
cat.nl3.eu.criteo.com
code.jquery.com
csm.eu.criteo.net
engine.tend-table.com
i.keezip.com
imageproxy.eu.criteo.net
img1a.coupangcdn.com
js.ad4989.co.kr
logs-partners.coupang.com
pagead2.googlesyndication.com
partners.coupangcdn.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
static.coupangcdn.com
static.criteo.net
t3c.coupangcdn.com
todawa9.asia
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.todawa52.asia
engine.tend-table.com
101.235.211.24
104.18.21.168
178.250.1.6
2.16.202.57
202.97.174.25
211.226.25.200
220.117.190.132
2600:9000:214f:3e00:18:c55a:9580:93a1
2600:9000:223e:4e00:1c:70ca:66c0:93a1
2606:4700:3035::ac43:8e6f
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a04:4e42:600::649
2a06:98c1:3121::3
88.221.124.15
99.86.4.64
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01f68ef3a7eef7b7cc21cacca00a0c191f172d4327e4f04399191ffaac8cae49
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08301942ccf98063d3fa6bae145c2d1d0a546bde660406213b9087127e354fce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
109586e1723757908c2bcd8a0fb78d4dc4fe5fd5e04589b9fcca888d2a97b907
1131f045ddc50292cb1ed4af9659a0850359a37bc401e4a9ef7062a52abb836f
116edc6a4845cc248f79f7e244ab63e9b7e1f567bee2755fa3d424fd93974fbc
165cce343e9ac8e23c654044ae000a76a621d9679ec143cb44c32576365ad806
1e18c00f7d939493d0e4c97c057493a49da1e1d7847b151fbd2772f3ac502904
1f058e34466ba6ea21f79d5c403d68bf61d42b9cc0e43c09d433545da33a16c6
27ce170f477b80957c55e1939c87820de82f8ce1bc71571477bf78de9ba34ed4
2d930af4bd5419bf72222580b88380a552e44fc551211bea4f14fee9800c4c59
308052b1bf48d457ff68c33a498c882f75beaae17118485be2dd3163fe0c7c11
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3d322485983f9bf6aa843345c3eb6dcc06b6d60555c849a778133ac335aa4251
401604b81dd791bf5bf16875bd7d5db040bbf4f672313ab622791ecabac27f8c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4bf6544d10716395f3e62d1c9b336b19fb62c85444f2d666975917199c28d7e1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5e5ce83a1abacd834f7e44a3be40475fdbb8034a7a1f1da33ab6ad985d0b94a2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ea8b8e5fb63e30170770409f524bac18a024b210d690fa0db919212269a14a
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
6bd415fb0978ecddc6a9a1e77da54a17e77044f2a7c3d1fb9c6dbe82d2a5dbeb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72855f862df04b84b9755977382129f3f7f22f188f02686807e0eb5df1916155
72863df27774cdc732cd14c6373ed2fbb25b7baaba2456673bf8685e784e6e83
736c2b461b255661d3cd98998bc2dfc4128b27e765130b75b246a0d77378d589
783361ed917fad413a4249d12774f5b0be1e4e75495da00e3b3e9edb1e10926f
79a7a4a7d47e36b28735a2eb6d7072da4d4b8fe4d53c9d914c8ae1858896c05d
7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb
825bb65c3cf6d63f4db6c3c26793dd0cc7e2c846b5732bffd8eaea2f0612ac87
847b414f20844ef4b3f04ab435115b6810c52edf7f6c64a441a8ca8a3381cfeb
873c92c0f5808842227fc7b93aa70f48a816abedf57bd268de030969f4734bcb
899cd99a24a6950e11055aef298623208bde99364981f3a8b48b2c8580ca3d14
8a4627e31c21d797c278d8a10b656d1df029479270f65711af926a92390dd2bf
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9360e04a7269b6bfe97482d59c4a96934638b7bebc7fe9b3d79f5c21f5a66cc7
95a735225668834c0832ea7ec86aed467fc571e579e54fa9d350250d9a72edc6
95cc2e4f776efa221869f535cff4e6a4fe29c38490ea5da27151f1bf15e73563
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4d9e2cbab3e0d55a661df4ffba7c67a137191d93b5e1714cf56b5eafb052c07
a58665078337891f1c79159a58f062e1883fbf36982791c50216b1ed89b1f050
a6677af19e9824dc335a23523541fb67f25e72b495b70977755d920ed931a23b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab16e5f8339f6892b300bdb63997390a666e155ba1f7be149f2e809eb7dcf68b
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b69a455a83d3849bbd05acb2927a8fb67665a8a24a13bc80256ca44025100709
bbcd5cfe60b8f22bfa4580ff550220de860dbb95e54211cdcf22095e78c2ec64
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bf0d6da2b17b813749a8b61047b209827603fb1fdff3ef336df7e67fe16aefe9
cb70fece6a40931a960f9dad48a6929364541844013f98cfe63e6f78a3e44550
cdb1ec23025bb33aa8e935beea1c5456d510177178892c3b0281ee2035caf3ba
cf18a9ed9a6aa889d227de181fe071fe47062764cacd90c4423b81b6bbbee834
cf2b04e65eac6603f6472fe3b58bda2918c4a4fdbe0a5878eda75da7d43b4925
d22868dbb660acc95fec8868fbbcf2979c3ec66becf9a1e9b64c8a2252553196
e1bdc4c80ed0efafe91180d84a9516d1b468a47ec7bf03db4230e527e014cdd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7985a42dd917c9daf4cd2288e298caab5320df9927ee0ccdf43fed99f2cacf2
e8a57e51ca4ccf80a78e91a18e4a45c93f6f266a7d9d8ff54c93d2f7bd33ccd5
ed0e54d3733153667e0c73b418b4a4219087f69af048f715e8c0d360112b0571
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34285967052f4d10e4732af244d5db654ab1b685b9f505cf770dbc186bc7171
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f89a06d4661e5607389bec9499b0d799fb723f1319cdb5fd1024fa5d70161075
fd3a78c44240fc968612ed1a66b1ddf9f2e88ee172a587673e20a3d2709194c3

www.todawa52.asia Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

98 %HTTPS

64 %IPv6

16 Domains

26 Subdomains

25 IPs

6 Countries

1725 kBTransfer

2933 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.todawa52.asia Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

98 %
HTTPS

64 %
IPv6

16
Domains

26
Subdomains

25
IPs

6
Countries

1725 kB
Transfer

2933 kB
Size

9
Cookies

90 HTTP transactions
1 data transactions