urlscan.io logo urlscan.io
SecurityTrails logo

loa-todo.com Open in urlscan Pro
146.56.46.160  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://loa-todo.com/
Effective URL: https://loa-todo.com/
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 3 countries across 22 domains to perform 50 HTTP transactions. The main IP is 146.56.46.160, located in Seoul, Korea, Republic Of and belongs to ORACLE-BMC-31898, US. The main domain is loa-todo.com.
TLS certificate: Issued by R3 on October 11th 2023. Valid for: 3 months.
This is the only time loa-todo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 146.56.46.160 31898 (ORACLE-BM...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 18.66.110.17 16509 (AMAZON-02)
5 2600:9000:264... 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:264... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 54.93.125.110 16509 (AMAZON-02)
1 2606:4700::68... ()
2 34.95.69.49 ()
1 52.222.209.4 ()
1 34.120.111.33 ()
50 27
4    146.56.46.160 (Seoul, Korea, Republic Of)

ASN31898 (ORACLE-BMC-31898, US)
loa-todo.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    18.66.110.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-17.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    2600:9000:2644:ae00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:2644:bc00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
1    2600:9000:223c:6c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    54.93.125.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-125-110.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2606:4700::6812:1791 (None, )

ASN- ()
cadmus.script.ac
2    34.95.69.49 (None, )

ASN- ()
i.clean.gg
1    52.222.209.4 (None, )

ASN- ()
aax.amazon-adsystem.com
1    34.120.111.33 (None, )

ASN- ()
cdn.edkt.io
Apex Domain
Subdomains		 Transfer
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3190
test.cmp.quantcast.com — Cisco Umbrella Rank: 11889
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 13468
193 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com
72 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
175 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
36 KB
4 loa-todo.com
loa-todo.com
291 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
187 KB
2 clean.gg
i.clean.gg
104 B
2 gstatic.com
fonts.gstatic.com
33 KB
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 35268
957 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
296 B
2 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 29366
300 KB
1 edkt.io
cdn.edkt.io
8 KB
1 script.ac
cadmus.script.ac
46 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
1 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
9 KB
1 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
31 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
917 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
84 KB
0 venatusmedia.com Failed
track.venatusmedia.com Failed
0 fastclick.net Failed
secure.cdn.fastclick.net Failed
50 22
Domain Requested by
5 cmp.quantcast.com hb.vntsm.com
cmp.quantcast.com
4 fonts.googleapis.com loa-todo.com
4 loa-todo.com 1 redirects loa-todo.com
3 c.amazon-adsystem.com hb.vntsm.com
3 pagead2.googlesyndication.com loa-todo.com
pagead2.googlesyndication.com
2 i.clean.gg hb.vntsm.com
2 id.hadron.ad.gt hb.vntsm.com
2 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 hb.vntsm.io hb.vntsm.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
2 hb.vntsm.com loa-todo.com
hb.vntsm.com
1 cdn.edkt.io cadmus.script.ac
1 aax.amazon-adsystem.com hb.vntsm.com
1 cadmus.script.ac hb.vntsm.com
1 audit-tcfv2.cmp.quantcast.com hb.vntsm.com
1 rules.quantcount.com secure.quantserve.com
1 a.ad.gt cdn.hadronid.net
1 test.cmp.quantcast.com hb.vntsm.com
1 secure.quantserve.com cmp.quantcast.com
1 cdn.id5-sync.com loa-todo.com
1 cdn.hadronid.net loa-todo.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ad-delivery.net hb.vntsm.com
1 www.googletagmanager.com loa-todo.com
0 track.venatusmedia.com Failed hb.vntsm.com
0 secure.cdn.fastclick.net Failed loa-todo.com
50 28

This site contains no links.

Subject Issuer Validity Valid
loa-todo.com
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-07 -
2024-08-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
cmp.quantcast.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
api.edkt.io
GTS CA 1D4		 2023-09-27 -
2023-12-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://loa-todo.com/
Frame ID: 7F5CCF16E027F35035ECC76A533CC0CB
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: BD2C8744AC0D3620DB0F86F8ED99E50E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135250198762448&output=html&adk=1812271804&adf=3025194257&lmt=1697724108&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Floa-todo.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699969932726&bpp=4&bdt=655&idt=299&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4474340459387&frm=20&pv=2&ga_vid=1959587926.1699969933&ga_sid=1699969933&ga_hid=787089646&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C44807460%2C31078297%2C31079570%2C44807752%2C44806141%2C44807763%2C44808148%2C44808284&oid=2&pvsid=952988816743029&tmod=244401969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 8545DEF36777A977E3F25841C0E1F3C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

loa-todo

Page URL History Show full URLs

  1. http://loa-todo.com/ HTTP 301
    https://loa-todo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

50
Requests

94 %
HTTPS

73 %
IPv6

22
Domains

28
Subdomains

27
IPs

3
Countries

1483 kB
Transfer

5218 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loa-todo.com/ HTTP 301
    https://loa-todo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
loa-todo.com/
Redirect Chain
  • http://loa-todo.com/
  • https://loa-todo.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
2874bf8212ca77aa01dbf6e35b9eb3d9aed310beb05d8c403af26d1c54ee15c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Nov 2023 13:52:11 GMT
ETag
W/"c17-18b483e0ce0"
Keep-Alive
timeout=5
Last-Modified
Thu, 19 Oct 2023 14:01:48 GMT
RateLimit-Limit
150
RateLimit-Remaining
149
RateLimit-Reset
307
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
219
Content-Type
text/html; charset=utf-8
Date
Tue, 14 Nov 2023 13:52:10 GMT
Keep-Alive
timeout=5
Location
https://loa-todo.com/
css
fonts.googleapis.com/ 		9 KB
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 12:27:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 13:52:12 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 13:52:12 GMT
css2
fonts.googleapis.com/ 		94 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+KR&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b242e6b6df653fea56e783fc199d820ed00c969591fb5800b8bf95992cf9a1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 13:52:12 GMT
css2
fonts.googleapis.com/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Jua&display=swap
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72cc4b30f88e322ebdfa83f3a77086c08b70e678c102b91c2c895f45fa247545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 13:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 13:52:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7135250198762448
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b4fb84ba4fcfe8ada0b71df8dedd7f66c41fab0c6b628902adea135eaf2f6c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loa-todo.com/
Origin
https://loa-todo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52781
x-xss-protection
0
server
cafe
etag
18161675646480608849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 13:52:12 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27f14effa55bcf715574e18db19a4d967d5200c83160aa3c01e4a05dd9c06eae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85309
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 13:52:12 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		998 KB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e7c5597e016120dc62a12b39d743247757b04137995991365c908b58b7265923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
11/13/2023 22:50:32
cdn-pullzone
131999
last-modified
Tue, 31 Oct 2023 11:39:03 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"e02b07ea262bacb01924c16282872423"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
f5a38b1b4e276f892a24b68e7b3c1a29
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
main.4596a93b.js
loa-todo.com/static/js/ 		1022 KB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loa-todo.com/static/js/main.4596a93b.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
b8a11f8ce45d49b09d1fb8e9269f22ade4cab2277d84f17094d71f5412c69f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

RateLimit-Reset
306
Content-Encoding
gzip
Date
Tue, 14 Nov 2023 13:52:12 GMT
Transfer-Encoding
chunked
RateLimit-Limit
150
Connection
keep-alive
Last-Modified
Thu, 19 Oct 2023 14:01:48 GMT
ETag
W/"ff759-18b483e0ce0"
Vary
Origin, Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
RateLimit-Remaining
147
Keep-Alive
timeout=5
main.15cca72d.css
loa-todo.com/static/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://loa-todo.com/static/css/main.15cca72d.css
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.56.46.160 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
8b2c6a2986605e4489d0d58ea2cc09813270d13ba1303861c8affeefc8ae6d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

RateLimit-Reset
306
Content-Encoding
gzip
Date
Tue, 14 Nov 2023 13:52:12 GMT
Transfer-Encoding
chunked
RateLimit-Limit
150
Connection
keep-alive
Last-Modified
Thu, 19 Oct 2023 14:01:48 GMT
ETag
W/"4194-18b483e0ce0"
Vary
Origin, Accept-Encoding
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
https://cam-loa.com
Cache-Control
public, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
RateLimit-Remaining
148
Keep-Alive
timeout=5
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W7YCQLYHSC&gtm=45je3b81v877959976&_p=1699969932508&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1959587926.1699969933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699969932&sct=1&seg=0&dl=https%3A%2F%2Floa-todo.com%2F&dt=Loa-Todo%20-%20LostArk%20Tool&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2139
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 13:52:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://loa-todo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7135250198762448&plah=loa-todo.com&bust=31079570
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7135250198762448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4438ff667da5c0109150cf1825e76d16298f486180452a37a39d71543ab99484
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138412
x-xss-protection
0
server
cafe
etag
2539281986460188155
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 13:52:12 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame BD2C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7135250198762448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loa-todo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5375
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 12:22:37 GMT
etag
16674218716276178799
expires
Tue, 28 Nov 2023 12:22:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
content.html
hb.vntsm.io/ 		32 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:13 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
T53VE94TFVMQX387
content-length
32
x-amz-id-2
znAkr4CV9fui2C+GM7DqB1JTNoyFQ+HJTjqDOwI9rX8sfvWkPbr034/U5SB9qzt71aPuq6b6FZM=
geo
DE
geo-subdivision
DE-HE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825fbbd23acf9156-FRA
6385d1215df4145771e09231.enc
hb.vntsm.com/v2/live/ 		30 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/6385d1215df4145771e09231.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
e387b65de64ddd14d9315c84ea445a8c02b210e4884ada6c84ac2f9df526726f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:12 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
11/13/2023 22:54:17
cdn-pullzone
131999
last-modified
Thu, 21 Sep 2023 10:56:50 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"d89835aa31c41fa3a32b543ce7a1fcb9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
5e3dd9c72f663f8007cc7b1272f84a02
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
content.html
hb.vntsm.io/ 		32 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:13 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
T53VE94TFVMQX387
content-length
32
x-amz-id-2
znAkr4CV9fui2C+GM7DqB1JTNoyFQ+HJTjqDOwI9rX8sfvWkPbr034/U5SB9qzt71aPuq6b6FZM=
geo
DE
geo-subdivision
DE-HE
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
825fbbd23ad19156-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 8545 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135250198762448&output=html&adk=1812271804&adf=3025194257&lmt=1697724108&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Floa-todo.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699969932726&bpp=4&bdt=655&idt=299&shv=r20231109&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4474340459387&frm=20&pv=2&ga_vid=1959587926.1699969933&ga_sid=1699969933&ga_hid=787089646&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44801779%2C44807460%2C31078297%2C31079570%2C44807752%2C44806141%2C44807763%2C44808148%2C44808284&oid=2&pvsid=952988816743029&tmod=244401969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7135250198762448&plah=loa-todo.com&bust=31079570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9042c2debdf3eb011ddd9741ea07b753cfeca449bcc16d3f5e484555559d3ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://loa-todo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4554
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 13:52:13 GMT
expires
Tue, 14 Nov 2023 13:52:13 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7135250198762448&plah=loa-todo.com&bust=31079570
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loa-todo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 20:32:45 GMT
x-content-type-options
nosniff
age
407968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 20:32:45 GMT
px.gif
ad-delivery.net/ 		43 B
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186576
x-guploader-uploadid
ABPtcPouH56lMeVGzy1A4WFSunpp4dJltv9xIt9zsObHQSrOp0JGYtKvcriJRE3aSxNkZdn1tML3sGLg4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lHTYFttLWPnSCmCPTKNcL19BTL6IMvtJfAIT8pP7xsb6%2BPFKabFPDO3OqiBZouRBJb8gP8vCntro7cQtbAi3UZdvjb%2Bk%2F9V3k08DtUuu4lAJfGi8I2cBw1GEhiphJLFRl21YFOcGvE0mzLz3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
825fbbd55d8e8fe3-FRA
expires
Sun, 12 Nov 2023 10:54:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d41134b0aeaf880a5c1b57043370c627678600d29505112cde91a70d2c0ebb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31522
x-xss-protection
0
server
cafe
etag
91 / 19675 / m202311090101 / config-hash: 4139038881701353164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 13:52:13 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 11:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
9308
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 13 Nov 2024 11:17:05 GMT
co3KmW9ljjAjdojPCM3T3NGswha8jSmuzy4jzT-N.119.woff2
fonts.gstatic.com/s/jua/v15/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jua/v15/co3KmW9ljjAjdojPCM3T3NGswha8jSmuzy4jzT-N.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jua&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf9ab82858f45c39e9ac7768654878442c0e1e3f14f95aca764f6991b0f99427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://loa-todo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:25:46 GMT
x-content-type-options
nosniff
age
329188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17276
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:28:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 18:25:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:38:53 GMT
content-encoding
gzip
via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
801
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
hs4Gx0WOb31ab6xGNUi42xeTbAT1aucy32mIsedeS_CS31IedoF20Q==
choice.js
cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1699969934351
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca6c331f5de78a7679e1219e1af19706d6c5eb8ee57d208f815511047eb24b97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:15 GMT
content-encoding
br
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
last-modified
Thu, 10 Aug 2023 23:43:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P6
x-amz-server-side-encryption
AES256
etag
W/"e757115d17404882a3a2e1d29e9377ed"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
IYDzyd-YlSEHFoXN3IBrc6vNoreKQH4HTemleapqHjo1Pe9RT__AzA==
70247b00-ff8f-4016-b3ab-8344daf96e09
config.aps.amazon-adsystem.com/configs/ 		537 B
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a8125d8eecb80041580b64c5f70fbd2b70baf0d063d50b0885088f0b812df31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:33:33 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1121
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
mw3b-Xzbb9EZ5muG27IC-2yyB5K7ZRIXqtJaHQ3X9CXj0eBkubnuTg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Floa-todo.com&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:26:40 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
age
15933
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://loa-todo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
ybHOQVXB96XSLVdgT5EyxBGE2lpojuyZ7bab5BY8vxLDNAPdzosssA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-110-17.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:39:32 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
15163
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
eS6Zs2Dk0MTm6_FXnRvWjwZaWPYW7orvbi35JeA9eJNeJ4Sor9GdHg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		0
0
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Floa-todo.com%2F&ref=&_it=amazon&partner_id=288
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:14 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
4111
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
825fbbdb38064d95-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		146 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: loa-todo.com
URL: https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 09 Nov 2023 09:47:12 GMT
server
cloudflare
x-amz-request-id
11DQWDDY4RBP0SJC
age
1523
etag
W/"6fff3300e0f1877d9a9539bf74fe5483"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
825fbbdb2d6465c7-FRA
x-amz-id-2
P1wDkDAk7GcN/Nm4NiBoVWJ5GJELK2LhldOST0KH7F5D/3CjCqvOaZ0nuFQWINO9ylhzBYBqdg0=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		0
0
hadron.json
id.hadron.ad.gt/v1/ 		97 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=loa-todo.com&url=https://loa-todo.com/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4113f67f8b5002b56b78c4d8e0adb11bc702ed13b927aca36c566b1dbd209240

Request headers

Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 13:52:14 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
825fbbdcaa0218fd-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=loa-todo.com&url=https://loa-todo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://loa-todo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
825fbbdbe91718fd-FRA
content-length
0
content-type
application/json
date
Tue, 14 Nov 2023 13:52:14 GMT
debug
OPTIONS block
expires
Wed, 13 Nov 2024 13:52:14 GMT
server
cloudflare
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1699969934351
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:14 GMT
content-encoding
gzip
etag
"0nVqEbFaTM2zzuiWgn9NwQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Nov 2023 13:52:14 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		160 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=loa-todo.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/loa-todo.com/choice.js?tag_version=V2?timestamp=1699969934351
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:04:14 GMT
content-encoding
br
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
2881
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 28 Sep 2023 19:02:48 GMT
server
AmazonS3
etag
W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
bifx1vzLkyIocdvouYJZN-et4201dh1Gt9q_WjD6cG0mKJ-6pRDHuA==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:bc00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
127b20ff1acfdaee7aabfc56474163fc856e32889eb24b99e5ae14e5d46db080

Request headers

Accept
application/json, text/plain, */*
Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:00:41 GMT
x-amz-version-id
7LohFQSAoav14kcjEHCJ6BKANRcxR0XL
content-encoding
br
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
39095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 10 Nov 2023 19:52:29 GMT
server
AmazonS3
etag
W/"3ec759ed2c6d810d036ac550eac15d46"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
zo3Uci_M67NPyiRrGXMxC70LpSByxVsvVxu34CDvmz4M7g_Zfm9GnA==
288
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Floa-todo.com%2F&ref=&_it=amazon&partner_id=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383d8147c05d14390d88616b2ae70e20d137332a8868ae86a397e9dfd7035a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 13:47:33 GMT
server
cloudflare
age
282
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
825fbbddc93c4d43-FRA
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:39:13 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
784
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
qkmtI6wX0TRo3PPkolJ5xV9anExwUHai4FlKmEBxP7Rw-VEklP6D_w==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/48/ 		280 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=loa-todo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 17:11:13 GMT
content-encoding
br
via
1.1 cae5c5323232533718f592c973f01432.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
160863
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Thu, 28 Sep 2023 19:02:13 GMT
server
AmazonS3
etag
W/"536ccb89e71d91899cbb40217285c9c4"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
XKeWYnRa7_iQueqKe78ovtO0ti46kI9ETdmV_y66I4U4DWImZRCYpQ==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		360 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fa2aa1b740020ede9aaf0f7729e567cea267e56f75ad0342b825dda942a117e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:00:39 GMT
content-encoding
br
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
39097
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Nov 2023 03:00:35 GMT
server
AmazonS3
etag
W/"920c6f7c697507520129f0694e692279"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
APiOmHdih5N465MVY_hihmkmzRTkrJAAR153quqQBmVV_TBljxr-yg==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		141 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0aa212492deb3d88b8a55d8c4c7cced86e815d5ffab77f96252db8bb4a1dd997

Request headers

Accept
application/json, text/plain, */*
Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:00:29 GMT
content-encoding
br
via
1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
39107
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Nov 2023 03:00:26 GMT
server
AmazonS3
etag
W/"37c2778822e4ec73a8a31ed41abe36ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
NgMx50-SLTF8_nPGgux-e5mIgSe84vCLqa0N0JszhR_6pMpfvq3AQA==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22loa-todo.com%22%2C%22publisher%22%3A%22loa-todo.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%227QLlruuYjPnL0M2YZB1Xqg%22%2C%22clientTimestamp%22%3A1699969935051%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-5mc24kf5flbr9ggjua1%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.125.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-125-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Nov 2023 13:52:15 GMT
content-length
2
content-type
text/plain; charset=utf-8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-W7YCQLYHSC&gtm=45je3b81v877959976&_p=1699969932508&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1959587926.1699969933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699969932&sct=1&seg=0&dl=https%3A%2F%2Floa-todo.com%2F&dt=Loa-Todo%20-%20LostArk%20Tool&en=scroll&epn.percent_scrolled=90&_et=39&tfd=7180
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W7YCQLYHSC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 13:52:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://loa-todo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.js
cadmus.script.ac/d1oykxszdrgjgl/ 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ded27355c85e6501d3a8a614da45020e2ae534863683201bfc4180c69518a0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:19 GMT
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 12:36:28 GMT
server
cloudflare
age
0
etag
W/"9a8a75877440dfb192ce8e2e34ea7d6defb4a6be"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
825fbbf6d8379018-FRA
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://loa-todo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 14 Nov 2023 13:52:19 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Floa-todo.com%2F&pid=Wp2pxv7VoAq7s&cb=0&ws=1600x1200&v=23.1108.2350&t=3500&slots=%5B%7B%22sd%22%3A%226392ea8905a13a7406cc8938-1100%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22852769469%2FVM_6385d1215df4145771e09231%22%7D%5D&schain=1.0%2C1!venatus.com%2C6385d0c5225bae680783f4c8%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.4 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://loa-todo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 13:52:19 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
TA6B6RAZG4JP5YRPDS89
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://loa-todo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
7qt6v7-tGa4KhnFN-PcsX15wneVwDa-pVFUsKwrx2Z2LMg8HfYP92g==
edgekit.min.js
cdn.edkt.io/rNn9xk/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
e6a480e9979510bf3e2106532dfdcc6e5ed40b8ac23cb4ab9db09b9292a33848

Request headers

Referer
https://loa-todo.com/
Origin
https://loa-todo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:15 GMT
content-encoding
gzip
age
51724
x-guploader-uploadid
ABPtcPqBvvNorFTIwU4WsxuyHh0XTlko8lUUnlyBZl1gsM8FNsfR7Z6TuOKkMY8mHEFvZ__ty4C99w2wEl2gy0w3Y1oxRSCjsuar
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7873
last-modified
Tue, 31 Oct 2023 12:33:33 GMT
server
UploadServer
etag
"13bee7285781604020179f1a7e16fca2"
x-goog-generation
1698755613237226
x-goog-hash
crc32c=ktXb6Q==, md5=E77nKFeBYEAgF58afhb8og==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7873
accept-ranges
bytes
expires
Tue, 14 Nov 2023 23:30:15 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 -, , ASN (),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://loa-todo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 14 Nov 2023 13:52:19 GMT
server
nginx/1.21.6
via
1.1 google
track_enc
track.venatusmedia.com/dual/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.cdn.fastclick.net
URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Domain
secure.cdn.fastclick.net
URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Domain
track.venatusmedia.com
URL
https://track.venatusmedia.com/dual/track_enc

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __VM object| googletag object| webpackChunkloa_todo number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| __vm_add object| uponit object| apstag function| __tcfapi object| _aps boolean| apstagLOADED object| apscustom function| ha object| cnvr_launcher_options object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ object| _qevents object| regeneratorRuntime function| __tcfapiui function| __uspapi object| au function| quantserve function| __qc object| ezt object| _qoptions

3 Cookies

Domain/Path Name / Value
.loa-todo.com/ Name: _ga
Value: GA1.1.1959587926.1699969933
.loa-todo.com/ Name: _ga_W7YCQLYHSC
Value: GS1.1.1699969932.1.0.1699969932.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
audit-tcfv2.cmp.quantcast.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cmp.quantcast.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hb.vntsm.com
hb.vntsm.io
i.clean.gg
id.hadron.ad.gt
loa-todo.com
pagead2.googlesyndication.com
region1.google-analytics.com
rules.quantcount.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
track.venatusmedia.com
www.googletagmanager.com
secure.cdn.fastclick.net
track.venatusmedia.com
146.56.46.160
18.66.110.17
2001:4860:4802:32::36
2400:52e0:1e00::1081:1
2600:9000:223c:6c00:6:44e3:f8c0:93a1
2600:9000:2644:ae00:9:46dc:4700:93a1
2600:9000:2644:bc00:3:a4cd:8380:93a1
2606:4700:10::6816:2f8e
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:20::681a:346
2606:4700::6812:1791
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2002
2a00:1450:4001:829::2003
34.120.111.33
34.95.69.49
52.222.209.4
54.93.125.110
99.86.4.128
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0aa212492deb3d88b8a55d8c4c7cced86e815d5ffab77f96252db8bb4a1dd997
127b20ff1acfdaee7aabfc56474163fc856e32889eb24b99e5ae14e5d46db080
27f14effa55bcf715574e18db19a4d967d5200c83160aa3c01e4a05dd9c06eae
2874bf8212ca77aa01dbf6e35b9eb3d9aed310beb05d8c403af26d1c54ee15c6
2d41134b0aeaf880a5c1b57043370c627678600d29505112cde91a70d2c0ebb4
383d8147c05d14390d88616b2ae70e20d137332a8868ae86a397e9dfd7035a6f
3fa2aa1b740020ede9aaf0f7729e567cea267e56f75ad0342b825dda942a117e
4113f67f8b5002b56b78c4d8e0adb11bc702ed13b927aca36c566b1dbd209240
42a726b720a08323e442331a9a1ab4a9028a708852d293c09925e2ed6b5fca56
4438ff667da5c0109150cf1825e76d16298f486180452a37a39d71543ab99484
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
72cc4b30f88e322ebdfa83f3a77086c08b70e678c102b91c2c895f45fa247545
7b4fb84ba4fcfe8ada0b71df8dedd7f66c41fab0c6b628902adea135eaf2f6c3
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8b2c6a2986605e4489d0d58ea2cc09813270d13ba1303861c8affeefc8ae6d01
9042c2debdf3eb011ddd9741ea07b753cfeca449bcc16d3f5e484555559d3ef5
a8125d8eecb80041580b64c5f70fbd2b70baf0d063d50b0885088f0b812df31d
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b242e6b6df653fea56e783fc199d820ed00c969591fb5800b8bf95992cf9a1fc
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b8a11f8ce45d49b09d1fb8e9269f22ade4cab2277d84f17094d71f5412c69f7c
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
bf9ab82858f45c39e9ac7768654878442c0e1e3f14f95aca764f6991b0f99427
ca6c331f5de78a7679e1219e1af19706d6c5eb8ee57d208f815511047eb24b97
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ded27355c85e6501d3a8a614da45020e2ae534863683201bfc4180c69518a0e4
e387b65de64ddd14d9315c84ea445a8c02b210e4884ada6c84ac2f9df526726f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a480e9979510bf3e2106532dfdcc6e5ed40b8ac23cb4ab9db09b9292a33848
e7c5597e016120dc62a12b39d743247757b04137995991365c908b58b7265923
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615