heho.com.tw Open in urlscan Pro
34.149.230.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heho.com.tw/
Effective URL:
https://heho.com.tw/
Submission: On December 05 via api (December 5th 2023, 11:23:40 am UTC) from US — Scanned from DE

Summary HTTP 334 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 51 IPs in 11 countries across 40 domains to perform 334 HTTP transactions. The main IP is 34.149.230.38, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is heho.com.tw. The Cisco Umbrella rank of the primary domain is 666790.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.

This is the only time heho.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34 64	34.149.230.38 34.149.230.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
15	139.162.82.98 139.162.82.98	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
17	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
44	2606:4700:303... 2606:4700:3038::6815:ebd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1 11	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2011	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
69	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::ac43:8652	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	61.219.68.119 61.219.68.119	3462 (HINET Dat...) (HINET Data Communication Business Group)
19	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
5 19	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	52.29.184.165 52.29.184.165	16509 (AMAZON-02) (AMAZON-02)
2 4	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	139.162.79.137 139.162.79.137	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
334	51

64 34.149.230.38 (Kansas City, United States) 34 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.230.149.34.bc.googleusercontent.com

heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.162.82.98 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1562-98.members.linode.com

ml.oxra.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:3038::6815:ebd6 (United States)

ASN13335 (CLOUDFLARENET, US)

img.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.15 (Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csp.withgoogle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8652 (United States)

ASN13335 (CLOUDFLARENET, US)

json.geoiplookup.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 61.219.68.119 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-219-68-119.hinet-ip.hinet.net

oxra.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.185.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.13.21 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.184.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.97.41 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.53 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.79.137 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-162-79-137.ip.linodeusercontent.com

lifestyle.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kids.heho.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	heho.com.tw 34 redirects heho.com.tw — Cisco Umbrella Rank: 666790 img.heho.com.tw — Cisco Umbrella Rank: 796616 lifestyle.heho.com.tw kids.heho.com.tw	4 MB
80	gstatic.com www.gstatic.com fonts.gstatic.com	4 MB
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	391 KB
35	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	319 KB
21	oxra.com.tw ml.oxra.com.tw — Cisco Umbrella Rank: 926922 oxra.com.tw — Cisco Umbrella Rank: 816950	37 KB
18	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 docs.google.com — Cisco Umbrella Rank: 126 region1.analytics.google.com — Cisco Umbrella Rank: 2693 play.google.com — Cisco Umbrella Rank: 32	85 KB
9	popin.cc api.popin.cc — Cisco Umbrella Rank: 31958 tw.popin.cc — Cisco Umbrella Rank: 96359 log.popin.cc — Cisco Umbrella Rank: 33420 r.popin.cc — Cisco Umbrella Rank: 34110	172 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 i.clarity.ms — Cisco Umbrella Rank: 18363 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	46 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	144 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	946 B
4	google.de www.google.de — Cisco Umbrella Rank: 6765	733 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	1 KB
3	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	310 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	221 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 14517	3 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	766 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	389 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	75 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	599 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	761 B
1	geoiplookup.io json.geoiplookup.io — Cisco Umbrella Rank: 47800	611 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	24 KB
1	withgoogle.com csp.withgoogle.com — Cisco Umbrella Rank: 415
334	40

	Domain	Requested by
69	fonts.gstatic.com	docs.google.com www.google.com fonts.googleapis.com
64	heho.com.tw	34 redirects heho.com.tw
44	img.heho.com.tw	heho.com.tw ml.oxra.com.tw
19	cm.g.doubleclick.net	5 redirects heho.com.tw googleads.g.doubleclick.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net heho.com.tw tpc.googlesyndication.com pagead2.googlesyndication.com
17	pagead2.googlesyndication.com	heho.com.tw pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	ml.oxra.com.tw	heho.com.tw ml.oxra.com.tw
11	www.gstatic.com	www.google.com docs.google.com www.gstatic.com googleads.g.doubleclick.net
11	www.google.com	1 redirects heho.com.tw www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
7	cdnjs.cloudflare.com	heho.com.tw ml.oxra.com.tw cdnjs.cloudflare.com
6	oxra.com.tw	ml.oxra.com.tw
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	unpkg.com	ml.oxra.com.tw
5	fonts.googleapis.com	docs.google.com googleads.g.doubleclick.net
5	www.googleadservices.com	www.googletagmanager.com heho.com.tw
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects heho.com.tw
4	api.popin.cc	ml.oxra.com.tw api.popin.cc
4	www.google.de	heho.com.tw
3	log.popin.cc	heho.com.tw
3	pm.w55c.net	3 redirects
3	sync-tm.everesttech.net	3 redirects
3	dclk-match.dotomi.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	i.clarity.ms	www.clarity.ms
3	docs.google.com	heho.com.tw www.gstatic.com
3	sb.scorecardresearch.com	1 redirects heho.com.tw
3	www.googletagmanager.com	heho.com.tw www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	ad.doubleclick.net	heho.com.tw
2	pr-bh.ybp.yahoo.com	2 redirects
2	play.google.com	www.gstatic.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.clarity.ms	heho.com.tw www.clarity.ms
2	connect.facebook.net	heho.com.tw connect.facebook.net
2	images.dmca.com	heho.com.tw
2	securepubads.g.doubleclick.net	heho.com.tw securepubads.g.doubleclick.net
1	c.bing.com	1 redirects
1	r.popin.cc	heho.com.tw
1	tw.popin.cc	api.popin.cc
1	kids.heho.com.tw	ml.oxra.com.tw
1	lifestyle.heho.com.tw	ml.oxra.com.tw
1	onetag-sys.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	heho.com.tw
1	a.tribalfusion.com	1 redirects
1	json.geoiplookup.io	ml.oxra.com.tw
1	code.jquery.com	ml.oxra.com.tw
1	csp.withgoogle.com	heho.com.tw
334	59

This site contains links to these domains. Also see Links.

Domain
tools.heho.com.tw
pse.is
forum.heho.com.tw
npower.heho.com.tw
www.youtube.com
cancer.heho.com.tw
kids.heho.com.tw
lifestyle.heho.com.tw
myhope.com.tw
cparty.com.tw
sport.heho.com.tw
gogoal.com.tw
www.dmca.com
www.104.com.tw
heho.tw

Subject Issuer	Validity	Valid
heho.com.tw R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
oxra.com.tw R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
images.dmca.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-13` - `2023-12-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
geoiplookup.io GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://heho.com.tw/
Frame ID: 9E6E1F5879B7AA9C89C08F6500B2D598
Requests: 129 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
Frame ID: 309A4B5E1B6AD7F44CB99424EB8FA732
Requests: 78 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Frame ID: A25D181FD4DC49C7E08070F16FBDA3D5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 4B6FC1AE3638D001C3A51FA963D620AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267
Frame ID: E9A9BA15722CEE56D73DA2156EA7D5D3
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274
Frame ID: D3C3024C9659226B49D5EE32AA780F67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278
Frame ID: 70EEA9E1968F3517D51FE848CF9E60DE
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=obizamieey72
Frame ID: 003CA3FD5CC77159B2FB482689B8AAB6
Requests: 8 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ox/mkt/ox-ra.html
Frame ID: 3C8FAA41D0711564F51C736ECFF55CDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&adk=1812271804&adf=3025194257&lmt=1701774902&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775414280&bpp=2&bdt=1834&idt=2&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120%2C1050x120&nras=1&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=85
Frame ID: E935147F098FA3280D8135FA1C569369
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA2D125FF02F76BA80FC627ECC36290C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 65818101C57D3DBFA01503771DF09826
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: C316DBA976284C06FEB44FD934458BA3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 98F64829115DA6D8885485E0C65CE19A
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: F72E8FAF3636B2B55A58B7E862C7B3C5
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: 6A922D2823010F4B6EB8A6D05C5EACEF
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: 4A42C9EA7682B82C4D027BCBE7DD924E
Requests: 1 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: 73421434900A3F8AB16451B91E4E89E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGL27s_wBMAE&v=APEucNWYZCDMUVJEDfzquRHprLWX1yu7TLfkxZewONaXajhW-GM_03cP8bGf0u5tm0Gko-D7vSjzuhspyl71PDH1JRK_Q_OtDC5ZH7SpjYblBgETCuuqu533-dwchzvL-RvvGBuCIQDq7vPZ0NneOJsty7q3vLhx_u0MHZ_AQoVeeBOteQKgKNI
Frame ID: FA4BB5C0C2DF80B670A0F7AE9B29EB50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js
Frame ID: D7C5123A935C6667869A009CD1A81D8D
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1335AD19BDD6017DA1247716AE952A1F
Requests: 9 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: 369013D948EA25A7B177CD7B0A7CE2C9
Requests: 11 HTTP requests in this frame

Frame: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Frame ID: 48007DC775E89562E710238D776AE218
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9E1BEE8D38A5540E31CC7FE48B5C8670
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09AC845A5AEEEE4A71ED53F968EBEDEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E97914084AB4ED9AD0737D65203F8D2F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heho健康 - 最多人看的專業健康媒體

Page URL History Show full URLs

http://heho.com.tw/ HTTP 301
https://heho.com.tw/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

334
Requests

82 %
HTTPS

53 %
IPv6

40
Domains

59
Subdomains

51
IPs

11
Countries

9981 kB
Transfer

16781 kB
Size

43
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://tools.heho.com.tw/
Title: 健康小幫手

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmi
Title: BMI 計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodyfat
Title: 體脂率計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-hospital/index.php
Title: 找院所

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmr
Title: BMR/TDEE 計算機 HOT

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-medicine.php
Title: 藥品查詢

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/search-pharmacy/index.php
Title: 找藥局

Search URL Search Domain Scan URL

URL: https://pse.is/hehoapp
Title: Heho App

Search URL Search Domain Scan URL

URL: https://forum.heho.com.tw/
Title: 討論區

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmi/
Title: BMI 計算機

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bmr/
Title: BMR/TDEE 計算機

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap
Title: 人體地圖查疾病

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body2.php
Title: 腦部/頸部/胸部

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body3.php
Title: 腹部

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body4.php
Title: 泌尿/生殖系統

Search URL Search Domain Scan URL

URL: https://tools.heho.com.tw/bodymap/body-map-body5.php
Title: 皮膚/骨骼/肌肉

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/
Title: 營養師說

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/search-nutrition
Title: 營養查詢

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblHHaZLIpdX7MkSWxcUwcjEu

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblFb-_qRu-kAlhcluxNEfWRR

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblGOlQRC08D0fXdub7ojh3W7

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLXKQ6-iPJblGLe3SnaHbfpTaA6vt1Bg3e

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/
Title: 癌症百科

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/%E8%AA%8D%E8%AD%98%E7%99%8C%E7%97%87
Title: 認識癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/prevent-cancer
Title: 預防癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%E6%B2%BB%E7%99%82%E7%99%8C%E7%97%87
Title: 治療癌症

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/research
Title: 抗癌新知

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/experience-sharing
Title: 抗癌故事

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/rehabilitation-conditioning
Title: 康復調理

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/resource
Title: 協助資源

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%e8%aa%8d%e8%ad%98%e7%99%8c%e7%97%87

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/archives/category/cancer_encyclopedia/%e6%b2%bb%e7%99%82%e7%99%8c%e7%97%87

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/?utm_source=heho-menu
Title: 營養 N 次方營養/生活/美學

Search URL Search Domain Scan URL

URL: https://kids.heho.com.tw/?utm_source=heho-menu
Title: Heho 親子懷孕/育兒/教養

Search URL Search Domain Scan URL

URL: https://cancer.heho.com.tw/?utm_source=heho-menu
Title: Heho 癌症症狀/治療/預防

Search URL Search Domain Scan URL

URL: https://lifestyle.heho.com.tw/?utm_source=heho-menu
Title: Heho 生活品味/美食/旅行

Search URL Search Domain Scan URL

URL: https://myhope.com.tw/?utm_source=heho-menu
Title: 希望商城健康/用心/選物

Search URL Search Domain Scan URL

URL: https://cparty.com.tw/?utm_source=heho-menu
Title: CParty 餐酒文化/餐飲

Search URL Search Domain Scan URL

URL: https://sport.heho.com.tw/
Title: Heho Sports 運動知識/運動營養

Search URL Search Domain Scan URL

URL: https://gogoal.com.tw/?utm_source=heho-menu
Title: GoGoal 勁球網國內/國際足球

Search URL Search Domain Scan URL

URL: https://kids.heho.com.tw/

Search URL Search Domain Scan URL

URL: https://lifestyle.heho.com.tw/

Search URL Search Domain Scan URL

URL: https://gogoal.com.tw/

Search URL Search Domain Scan URL

URL: https://cparty.com.tw/

Search URL Search Domain Scan URL

URL: https://myhope.com.tw/

Search URL Search Domain Scan URL

URL: https://npower.heho.com.tw/nutrition-course?utm_source=floating&utm_medium=heho

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=92f4d6c1-aaf5-4037-9b43-72143adcf46e&refurl=https://heho.com.tw/

Search URL Search Domain Scan URL

URL: https://www.104.com.tw/company/1a2x6bl1fx
Title: 徵才資訊

Search URL Search Domain Scan URL

URL: https://heho.tw/QFIBRN9h4C?pub=428

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heho.com.tw/ HTTP 301
https://heho.com.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

Request Chain 22

https://heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png

Request Chain 25

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg

Request Chain 26

https://heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg

Request Chain 27

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg

Request Chain 28

https://heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg

Request Chain 46

https://sb.scorecardresearch.com/cs/36287102/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 54

https://heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png

Request Chain 55

https://heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png

Request Chain 56

https://heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png

Request Chain 57

https://heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png

Request Chain 58

https://heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png

Request Chain 59

https://heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png

Request Chain 60

https://heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png

Request Chain 61

https://heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png

Request Chain 62

https://heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png

Request Chain 63

https://heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png

Request Chain 64

https://heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png

Request Chain 65

https://heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png

Request Chain 72

https://heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png

Request Chain 95

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=NQhvZeHSHYbUZoigqJAC&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5zb1Q4VlZGdHNxcmZPVFlITzlXbnZsMFJlN3V6bW9EZEdOX3gzRzFRWG00GlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMc3dOUHNVZXpRMFBKQnZLN1VsMHQ4ajZyV1lERHc0RjB1c0Q3RHpFWmgwdFQ5RVNCS000X1lEIhMIocGIuJf4ggMVBqoZCh0IEAoi HTTP 302
https://www.google.com/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5zb1Q4VlZGdHNxcmZPVFlITzlXbnZsMFJlN3V6bW9EZEdOX3gzRzFRWG00GlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMc3dOUHNVZXpRMFBKQnZLN1VsMHQ4ajZyV1lERHc0RjB1c0Q3RHpFWmgwdFQ5RVNCS000X1lEIhMIocGIuJf4ggMVBqoZCh0IEAoi&is_vtc=1&ocp_id=NQhvZeHSHYbUZoigqJAC&cid=CAQSKQDICaaNQ2V_2J1fgkrgcmoijBuRTJbB-vlMr-C9vCRvSAeJUI4w5Aiq&random=2889571951 HTTP 302
https://www.google.de/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5zb1Q4VlZGdHNxcmZPVFlITzlXbnZsMFJlN3V6bW9EZEdOX3gzRzFRWG00GlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMc3dOUHNVZXpRMFBKQnZLN1VsMHQ4ajZyV1lERHc0RjB1c0Q3RHpFWmgwdFQ5RVNCS000X1lEIhMIocGIuJf4ggMVBqoZCh0IEAoi&is_vtc=1&ocp_id=NQhvZeHSHYbUZoigqJAC&cid=CAQSKQDICaaNQ2V_2J1fgkrgcmoijBuRTJbB-vlMr-C9vCRvSAeJUI4w5Aiq&random=2889571951&ipr=y&ezwbk=AZuM4hBwnghpo1wZ2i66W-WZlcD3pCGaYcZCOK80t_3KsIDsngWmwoxwOQxnxzngRa33LMpd6TVIgn61FDCuZ9L7cwdi

Request Chain 191

https://heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif

Request Chain 215

https://heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png

Request Chain 216

https://heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg

Request Chain 217

https://heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png

Request Chain 218

https://heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png

Request Chain 219

https://heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png

Request Chain 220

https://heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png

Request Chain 244

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 245

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGduMcpbV7UWnWyprrsDLLw&google_cver=1&google_push=AXcoOmRkg3oWycE_29oNBxzhsnOmkwn5o5zYJT5WKhZXkGPspIv--81lUH_AW2yjRY-LAbRCyrQUWhEwSbU232AUaR-c8r8Bwretj2bYOcfmuoMRm4IKzWt29_dut143z6DIwKu1iSnzPv-X0xP-a6VTMVn3iio HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGduMcpbV7UWnWyprrsDLLw&google_push=AXcoOmRkg3oWycE_29oNBxzhsnOmkwn5o5zYJT5WKhZXkGPspIv--81lUH_AW2yjRY-LAbRCyrQUWhEwSbU232AUaR-c8r8Bwretj2bYOcfmuoMRm4IKzWt29_dut143z6DIwKu1iSnzPv-X0xP-a6VTMVn3iio

Request Chain 246

https://um.simpli.fi/gp_match?google_gid=CAESECxaZisR6s0PxX2zbNO7xcU&google_cver=1&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1FVRGkiNVTYkoE3xAAncKEG5gilTwiy6wSXUExCtQO-2tRYhTYA_DjWW4fmLdZWCBDYuE1hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=00F6FD5F525448EA9EFC281423DC58B6&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1FVRGkiNVTYkoE3xAAncKEG5gilTwiy6wSXUExCtQO-2tRYhTYA_DjWW4fmLdZWCBDYuE1hg

Request Chain 248

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEtDQ7bju7nGfFrS9g5inyo&google_cver=1&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJXsbQPqXImJRSXkk3f4pa7K4W2CrKFuO-FVQvkjNhcjq_zY4CnMNlwNwkljVMLL3Gw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJXsbQPqXImJRSXkk3f4pa7K4W2CrKFuO-FVQvkjNhcjq_zY4CnMNlwNwkljVMLL3Gw&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B

Request Chain 253

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX8Rk-mXphLikJH_QOHr-xA-IPcrKr00ZAW4-10S1d_K-Wf_baysJ-iHxOp6KzyLTAKyhLaCl2bxSxE4ajrfu5tWBt3bGIg4CActmPw4qjgzS-TKX0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX8Rk-mXphLikJH_QOHr-xA-IPcrKr00ZAW4-10S1d_K-Wf_baysJ-iHxOp6KzyLTAKyhLaCl2bxSxE4ajrfu5tWBt3bGIg4CActmPw4qjgzS-TKX0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX8Rk-mXphLikJH_QOHr-xA-IPcrKr00ZAW4-10S1d_K-Wf_baysJ-iHxOp6KzyLTAKyhLaCl2bxSxE4ajrfu5tWBt3bGIg4CActmPw4qjgzS-TKX0

Request Chain 254

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEH5Tpc19T443q42Inqud_sg&google_cver=1&google_push=AXcoOmR8ZGkOX4GZKm0Z1sow-Fwb-TTvNZSOdvpigpMwCFE94VX1CjrTOmXd780OI3qQrzznfQcSjhOV9YL4rIRtCB5PhNml0GYSVnT2zyAmAhB6t4n1evYp_BjxWts972OolsXglWoCN9VFRDtHV6tKHEfpfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH5Tpc19T443q42Inqud_sg&google_push=AXcoOmR8ZGkOX4GZKm0Z1sow-Fwb-TTvNZSOdvpigpMwCFE94VX1CjrTOmXd780OI3qQrzznfQcSjhOV9YL4rIRtCB5PhNml0GYSVnT2zyAmAhB6t4n1evYp_BjxWts972OolsXglWoCN9VFRDtHV6tKHEfpfA

Request Chain 256

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKsmhKezhtBFTm_Hpi0RQqA&google_cver=1&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhUiyhy9u8PT18-FuYw9b_3Ckl8tEqHR4qeNu0EYYOa74eZGet-bX2qDSjczVr7sZbmsGfGn8g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=52cdAr9YR-Aa9n8-otR0qA&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhUiyhy9u8PT18-FuYw9b_3Ckl8tEqHR4qeNu0EYYOa74eZGet-bX2qDSjczVr7sZbmsGfGn8g

Request Chain 258

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELDhfl0kORr7Kb53fC3AztU&google_cver=1&google_push=AXcoOmROW1WqcquX3fltx6hFSysBMSTP9Jh1xZBjvEDOjMO9zEgsAbZd6ZBcFic9bhZSjAq4_lnfINFoqA4zzjZOlxnse0QNt_u1R2AJcPSNQfzqznoNsjWlhAthdig6gE4slZHG6zDIP-cHGxuQKoKHpJeSs5qU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmROW1WqcquX3fltx6hFSysBMSTP9Jh1xZBjvEDOjMO9zEgsAbZd6ZBcFic9bhZSjAq4_lnfINFoqA4zzjZOlxnse0QNt_u1R2AJcPSNQfzqznoNsjWlhAthdig6gE4slZHG6zDIP-cHGxuQKoKHpJeSs5qU HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 260

https://googleads.g.doubleclick.net/pagead/adview?ai=C8xi5NQhvZZr5LPCz5LcP_Kaj2Avu7MzQdOaguJySEmQQASCil8tqYJWKnYKsB6AB0_z21QPIAQmpAhjmkzYQMrI-qAMByAPLBKoEgQJP0GYT3LZG99OI40GSEBJuc9GfJbp_IZuqGOQT0neQNNOigwsTRIcE-Fzt_PDxxTQh-csQmCu_w945WiGyQTNIFNs-wnLmz3z0SAInFjldSJ42Hrp8Mt40vyYPe0tbkibOKUdc_SHHBmKOaEZomobV0P9C9QMNPuhrEFdAJXSxiVQIl2Zcmpvjp8_rOzedaCD8mW2EizIz39SdigFUvVL4dx8ytOdMVzqg5tSgOmAX23ZlHZGtomoFjvh4qkz_GnXSDNS12d01IJwFp3uLEsp72WP-DVGf33kBRZ0qs6346lIGoSD_VUWx7Y-0NizUvNBCgPxA4VMX98EXuKCm1Cp-j8AEm7rricYEiAXAw6GtTJIFBAgEGAGSBQQIBRgEoAYugAfQpqzkBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPaqJdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYy7OTuJf4ggOaCWpodHRwczovL3d3dy5uaWtlLmNvbS9kZS9yZXRhaWwvP2NwPTY0MzE4MjM1MTMwX3NlYXJjaF8mTWFjcm89LS14LTIwNDI1ODQ3MTc4LS0tYy0tLS0tOTA0MzM5MCZnY2xzcmM9YXcuZHMmgAoByAsBmAyS7vTQ0ASiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNTY5MzgwNzE0OTA1NTgyNRgA&sigh=4cQBwWpYM_o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNExccLXFOaMs8kQ22oP-jdo79yRlDUIa--o9ryo6vnX6CG28zy-3WlMVBMyGsXQ38QE-uoVCdcRgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213039997821905874203%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215711471048423491121%22}&andc=true

Request Chain 264

https://googleads.g.doubleclick.net/pagead/adview?ai=CB8siNQhvZamJLKaC5LcP8MWakAXu7MzQdOaguJySEmQQASCil8tqYJWKnYKsB6AB0_z21QPIAQmpAiEo4kwCLLI-qAMByAPLBKoE9QFP0FUifZIdNayglqL82oTdbUcivsz5Z3rRb63GtFdfh1JvSPQuniJ8OB988N8MZFWnJSI6k5G51Ls6FNESUFrPnwsog4psUoxfGMAoVSs2lEJZmr247tkXs2W4cXz4ocNxaQR3ITFCD8WBNh4DqPu_583DtBrzWBIUa9VLzX53c8-Cea3miXu4OC8tvEEUjaYCCz6lBPj6WXvYc0X1XRDasiDsSTC8-BR_oA5yL8VsAx__OTxuQluv4MYwR6wUm5URXfW9fO5RYd0jUD-9sk_XEyu6VO5bJ4J1o6Gk3TTskkAN6UE8WsUI2G5I6I9JQplbqP_WLMAEm7rricYEiAXAw6GtTJIFBAgEGAGSBQQIBRgEoAYugAfQpqzkBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEENT0UdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYpsmSuJf4ggOaCWpodHRwczovL3d3dy5uaWtlLmNvbS9kZS9yZXRhaWwvP2NwPTY0MzE4MjM1MTMwX3NlYXJjaF8mTWFjcm89LS14LTIwNDI1ODQ3MTc4LS0tYy0tLS0tOTA0MzM5MCZnY2xzcmM9YXcuZHMmgAoByAsBmAyS7vTQ0ASiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgTgwTYEw7QFQGAFwGyFxwKGggAEhRwdWItNTY5MzgwNzE0OTA1NTgyNRgA&sigh=GAY-CCKCqGk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaN7TJB7liPId0DNkYlcZ1ls7m2-4YpCff77Di8t_4wsjMNS2QXil6vaF18urGZ5TDD2SRMTrH75RgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213540462234137105182%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212694921674492077969%22}&andc=true

Request Chain 275

https://heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1&C=1

Request Chain 293

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW8IN7l9vzoInHqKEDIFqQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPgLWDiybRHMgOLra2p8dwI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPgLWDiybRHMgOLra2p8dwI%26google_cver%3D1

Request Chain 295

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMjg3NDkzNjg5OTE2NDM0MQ%3D%3D

Request Chain 297

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cver=1&google_push=AXcoOmTHNKN0QyYdhcPuR59lT0CCz6BZIPn_hKBmDL767Xi5dWoIVJN_LTxB51R33af2aP7Xm7d544Tb3pEL6QB7x3nA9_OxYTTSjiQE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cver=1&google_push=AXcoOmTHNKN0QyYdhcPuR59lT0CCz6BZIPn_hKBmDL767Xi5dWoIVJN_LTxB51R33af2aP7Xm7d544Tb3pEL6QB7x3nA9_OxYTTSjiQE

Request Chain 298

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEE5dcVKiKMW3wDr2uPqDKhg&google_cver=1&google_push=AXcoOmT8TNauk7gzQds7_9xpUTdWee-h-Z2ahsBxt9aJAoItG_HXfGt9JPU4hofqyXCrAQcu_PwRfkhlqOnLOWOhgbPBJuYZdm0oPv_3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlc4SU5nQUVxTHFkVHdCZA==&google_gid=CAESEE5dcVKiKMW3wDr2uPqDKhg&google_cver=1&google_push=AXcoOmT8TNauk7gzQds7_9xpUTdWee-h-Z2ahsBxt9aJAoItG_HXfGt9JPU4hofqyXCrAQcu_PwRfkhlqOnLOWOhgbPBJuYZdm0oPv_3

Request Chain 300

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA9gJ-g6GaqN-OQoWaCwnME&google_cver=1&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkRmksjCMJRx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkRmksjCMJRx&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B

Request Chain 301

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPkmpbOsWjKs5ZvBDRBJlWk&google_cver=1&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYXQYDh0b9lBxVsDqpouAWr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYXQYDh0b9lBxVsDqpouAWr

Request Chain 302

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEET-hFyXUBcHsMRDjcebIHc&google_cver=1&google_push=AXcoOmRMvq8BQg35CLm6reIAE7fmyNONSwINN0-7c2tJlAHTrHSgKi3Ilfxik417BwaoYl8BEHdnAAMSdwCy8tE1feTDscuVUzAhk6bY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRMvq8BQg35CLm6reIAE7fmyNONSwINN0-7c2tJlAHTrHSgKi3Ilfxik417BwaoYl8BEHdnAAMSdwCy8tE1feTDscuVUzAhk6bY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 315

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

Request Chain 316

https://heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png

Request Chain 318

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

Request Chain 325

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

Request Chain 327

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

Request Chain 328

https://heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png HTTP 301
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png

Request Chain 339

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&RedC=c.clarity.ms&MXFR=30A84B7DB68E65230E2E58A3B28E6B10 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&MUID=093DBE317FB16ECC1531ADEF7E1D6FAA

334 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heho.com.tw/
Redirect Chain

http://heho.com.tw/
https://heho.com.tw/

426 KB
61 KB

372ms
357ms

Document
text/html

34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bf06f7365e265b3cf491bb1966bed8536afd455bde61bf070e66dbacc2c9c1b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 11:23:32 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Tue, 05 Dec 2023 11:15:02 GMT
pragma: no-cache
server: Apache/2.4.41 (Ubuntu)
vary: User-Agent,Accept-Encoding
via: 1.1 google

Redirect headers

Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 11:23:32 GMT
Location: https://heho.com.tw:443/

GET
H2 200 flatsome.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
16 KB 446ms
446ms Other
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16738
expires: max-age=2592000, public

GET
H2 200 chunk.slider.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
13 KB 414ms
414ms Other
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13382
expires: max-age=2592000, public

GET
H3 200 chunk.popups.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
7 KB 313ms
313ms Other
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.popups.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7220
expires: max-age=2592000, public

GET
H3 200 chunk.tooltips.js
heho.com.tw/wp-content/themes/flatsome/assets/js/ 0
10 KB 306ms
305ms Other
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.tooltips.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10106
expires: max-age=2592000, public

GET
H2 200 styles.css
heho.com.tw/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 471ms
469ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1015
expires: max-age=2592000, public

GET
H2 200 front.min.css
heho.com.tw/wp-content/plugins/image-sizes/assets/css/ 126 B
247 B 409ms
407ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/image-sizes/assets/css/front.min.css?ver=4.1
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 17 Aug 2023 06:06:30 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
expires: max-age=2592000, public

GET
H2 200 style.css
heho.com.tw/wp-content/uploads/maxmegamenu/ 137 KB
11 KB 505ms
503ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/uploads/maxmegamenu/style.css?ver=efd62a
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 60f4bc6d7145eac78eacce4c985befa2f47a66af0fc33f5e5f99f43cc2c080f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 May 2023 07:25:45 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11518
expires: max-age=2592000, public

GET
H2 200 dashicons.min.css
heho.com.tw/wp-includes/css/ 58 KB
35 KB 504ms
503ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/css/dashicons.min.css?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 10 Jun 2021 23:13:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35730
expires: max-age=2592000, public

GET
H2 200 jquery.auto-complete.css
cdnjs.cloudflare.com/ajax/libs/jquery-autocomplete/1.0.7/ 653 B
605 B 34ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-autocomplete/1.0.7/jquery.auto-complete.css?ver=1.0.7

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7fab9e736b5a64ab2fd063444bc8737b54f6e0a559c2a6a04149d952a75017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1764266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 252
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-28d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pt34juQEIahKEkhh1hlkfy3FlZ13TnsvgQ27JmO28vvkVqf3tIukE8wTqrey2ObGfCTWhMUzviX9yztymKThC9xYmHETl085SZvKrjUc0ctpITZBMvmvmApeSeJwtVKJ%2BpuKB4RHDD2%2B22NlRae8DZT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beae82e77bb47-FRA
expires: Sun, 24 Nov 2024 11:23:32 GMT

GET
H2 200 flatsome.css
heho.com.tw/wp-content/themes/flatsome/assets/css/ 148 KB
30 KB 548ms
546ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 47f1d0dc5c8ad11e9fcc9fb81023552a39854dfe3a8f67609b8ea44c1685c3db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30142
expires: max-age=2592000, public

GET
H2 200 style.css
heho.com.tw/wp-content/themes/flatsome-child/ 18 KB
5 KB 514ms
512ms Stylesheet
text/css 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome-child/style.css?ver=3.17.3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 308bd8594b227122898d10838a3b719f545cd4ba4f02a408fc0b7ff43f17ca30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 28 Nov 2023 01:56:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4947
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
heho.com.tw/wp-includes/js/jquery/ 85 KB
30 KB 486ms
485ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:50:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30343
expires: max-age=2592000, public

GET
H2 200 jquery-migrate.min.js Show response
heho.com.tw/wp-includes/js/jquery/ 13 KB
5 KB 656ms
654ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:50:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4872
expires: max-age=2592000, public

GET
H2 200 seo-automated-link-building.js Show response
heho.com.tw/wp-content/plugins/seo-automated-link-building/js/ 493 B
373 B 700ms
699ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/seo-automated-link-building/js/seo-automated-link-building.js?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Jun 2023 02:46:27 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
expires: max-age=2592000, public

GET
H2 200 inputtitle_submit.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 649 B
427 B 415ms
414ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/inputtitle_submit.js?ver=6.3.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 48d68ba83268a7d5262f2af34a516346aa970e5212d9605664c6dc390bfed129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 28 Dec 2020 08:13:27 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
expires: max-age=2592000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 83ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08b2864e6373aaee9e40895973ab3f6ea805aa043ffdafd1dffbeac841b29a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 heho-mkt-global.js Show response
ml.oxra.com.tw/ox/mkt/js/ 33 KB
7 KB 1056ms
523ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f16700a582fbcb0a4dce154cb5fab6fd32ed12a495c7e2678be5d0ad93e282c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 03:24:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"654467e4-83b8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 heho-infinite-sdk-heho.js Show response
ml.oxra.com.tw/ox/mkt/js/ 43 KB
7 KB 796ms
263ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-infinite-sdk-heho.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5bd95d97908d15bffb7bee4ac7fafc2b7c19de43cb27447eb8ea21fd72d476b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
last-modified: Fri, 03 Nov 2023 02:56:32 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65446160-ad31"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sticky-kit.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sticky-kit/1.1.3/ 3 KB
2 KB 32ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sticky-kit/1.1.3/sticky-kit.min.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2280516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1245
last-modified: Mon, 04 May 2020 16:16:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fdc-cd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeOILiXEc7c14zO2VPFk4pdXkauGl8K1128uFqDER7Y%2FIIVpZh4abIQ4WPgiQcVm%2FzUDp6JtDhi5lQGFdkhUktOZr%2BMLkLbW9CzOi5m%2FMmmxdT3wSISEm8Bb2Y0yhrbxvrhh4WONRrcuz89quKDciln%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beae82e79bb47-FRA
expires: Sun, 24 Nov 2024 11:23:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 126ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

495d00ced775fe8a262d2b05f8225c1a172df503b4f42a788f97e15f1867ee93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51887
x-xss-protection: 0
server: cafe
etag: 1643756846904524972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 152ms
90ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df61dfec8baf56370890d50b52c3468fa8260ec0f04ac2de100c9d369cd1381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30358
x-xss-protection: 0
server: cafe
etag: 445 / 19696 / 31079874 / config-hash: 2923245680056838999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2

200

b28837887ae86c49b66bc05e04dd346e.png
img.heho.com.tw/wp-content/uploads/2020/07/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png

3 KB
4 KB

63ms
22ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cecb66bde508c9248d803c80e120330c2390474f21df544bee4d8d34b22810e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346251
alt-svc: h3=":443"; ma=86400
content-length: 3295
last-modified: Thu, 27 Aug 2020 06:39:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeRhIjxT8hCcIWz9ayXvwn%2BP0DetBMWFakoYb8KzKFMLey1DN%2B%2BPPyf5yQ30mPaRAvgLbatDoufqagI8BOhw86daaQ%2BvtqjHBr%2FO0XeYALvDGRq4hVJ%2FxuE%2BBT7GSWzkx%2BO%2B5CvS0KOTwEFlM0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaea2df4c2a5-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2020/07/b28837887ae86c49b66bc05e04dd346e.png
date: Tue, 05 Dec 2023 11:23:32 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 373
content-type: text/html; charset=iso-8859-1

GET
H2

200

1685591982.4705.png
img.heho.com.tw/wp-content/uploads/2023/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png

143 KB
144 KB

680ms
679ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 146514
last-modified: Thu, 01 Jun 2023 03:59:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Av%2FvwsYUvvqySjuUETy4yDNJ18OXnwingrfw1RQuuM1LlQ2qslAfPkCYUo5nSqD8NAFXRA%2BUlS7haP7Xmsv3%2BbX%2FLO2TagIrssBhGPZcRrqVRq4fh3d2cHYOqv%2BzXOltF4ck4kESZTiJkdIdeuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaea8e53c2a5-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
date: Tue, 05 Dec 2023 11:23:32 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H2 200 dmca_protected_sml_120n.png
images.dmca.com/Badges/ 2 KB
3 KB 30ms
7ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=92f4d6c1-aaf5-4037-9b43-72143adcf46e
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 / ASP.NET
Resource Hash: 45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 18:59:51
cdn-pullzone: 1574055
content-length: 2060
last-modified: Tue, 04 May 2010 23:19:10 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "a7af7333e0ebca1:0"
content-type: image/png
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: cbe53c1c17b8d936af76225e2dafa488
accept-ranges: bytes
cdn-requestcountrycode: DE
link: <https://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120n.png?ID=1749cafb-2fcb-4f72-bfc7-9694f5610177>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
843 B 6ms
6ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:32 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 10/31/2023 19:00:40
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 08c933b65e62d02f00cd7239ea3d9d1e
cdn-requestcountrycode: DE
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

1623040116.8368.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg

4 KB
2 KB

23ms
23ms

Image
image/svg+xml

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf44c84e33e64332bb97121e566eb096f411850877443b97c310e598ef10e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346251
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l4Gkz7xi8ZU7uAw0fA8hrDETOoY8WvVAe2NUBM4V6vwrx7EtawL5cfWWJ2WaMWDFVurVVjLBPazL%2Bb7q1NbK1WZLkuYp2xPQ%2F9oAKx1qy35NJoEE0DN49qQY2tHQUF0y9aSk0Xalik4Je0K%2BFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830beaeb384fc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.8368.svg
date: Tue, 05 Dec 2023 11:23:32 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040942.0376.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg

2 KB
1 KB

33ms
33ms

Image
image/svg+xml

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 600db4b0c037c60bc7cf0f6508cd29ff8d97e1d02267a626b444a28d7c75d298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 636057
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:42:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5VszUGVdHLu0AfKkn8Ksr35i2%2FsABSELlLHOzdHrvRAXCNp7fEfIJKps%2F8VSgyVVNo5ihd5Ho7SE8ATE%2B6QEZl5dIGbDZes8O2ebfOAFOsHmOHPX4ImJyFG%2B0HtO%2BxwvBMGnR5uhSpG7gtR%2BPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830beaef1c90c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040942.0376.svg
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040116.3431.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg

1 KB
1 KB

34ms
34ms

Image
image/svg+xml

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fea32efefa901ef8406bee583dcea828fc0871ca38f7227475fc8d6a520da9dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 456040
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZHDWl2k%2B64E8pmI%2F6k6MTnnRe4jwmNrDWXr9ARQuerGKqbtFdCGMrGw9LFtPEycVlQsTuL0wPn8d6vIjFLytZW5MTyRUBa%2FTIkxk4UZ8Xu2JMj6tbA93ooBdVoLKGl3kOsPQPNZttPG8hTw%2FJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830beaef1c92c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040116.3431.svg
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1623040117.0803.svg
img.heho.com.tw/wp-content/uploads/2021/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg

1006 B
1021 B

47ms
47ms

Image
image/svg+xml

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b18f50b21e8e3e68778d553e17395f44f3d18bcf9d664f852e9a7d515a6c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542009
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Jun 2021 04:28:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBMT4M1f6eGny5HnYsebwPsdNivolKqTV2i4qcC97eFwNRBUQ0aBsUyi%2Bk%2Fnn1%2BCS%2B5gtgY6%2Beo%2B6pTNt83hqpDLHiM%2FYIPGhUsDvFD%2Bo0QF0RUFaHKzJnIlJk6lpHZ5HeUoI6GgMLkVsDqUeKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 830beaef1c95c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/06/1623040117.0803.svg
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1649640641.534.png
img.heho.com.tw/wp-content/uploads/2022/04/ 9 KB
9 KB 22ms
21ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/04/1649640641.534.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889aad1463a00bc7c4fda2a94819d09f932bde81010eaa9f7b9f74402f3fc579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534937
alt-svc: h3=":443"; ma=86400
content-length: 9006
last-modified: Mon, 11 Apr 2022 01:30:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUSm07XJ2KqNwJKhIaa%2BsLIhWctlmJbIYejDTDUZ59Z6TpAgbFx3DV0AdHClyPWIpE%2BrSOAdn48%2Ft0euQb4gB1XgMjmlfiRU3x%2F81s3ONVVO4cOo%2FlDqj9ufGTRLCEKNJRd8uvQGYU2WmrzXn1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaec89c9c2fa-VIE
expires: max-age=2592000, public

GET
H3 200 1649640644.1429.png
img.heho.com.tw/wp-content/uploads/2022/04/ 10 KB
10 KB 23ms
22ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/04/1649640644.1429.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6ba6d140a0b4673d579dd5cd2428521d9141c946dcb02884c0c5a3b3913cd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449525
alt-svc: h3=":443"; ma=86400
content-length: 10191
last-modified: Mon, 11 Apr 2022 01:30:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUajUifSzf762PKd%2FRpwcvFSux%2FIoR6WqAlJHjnlAgRuWdGCzVSUZaQA8dhbON6LSBfSMeV4u%2BNlHfIJfAi5drl%2Fo0dN3LzNgtWuXlEqJwSOZtRFacFtlX6D0lHhvMtbfabw2SulsS0X17pGLKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaec89cbc2fa-VIE
expires: max-age=2592000, public

GET
H3 200 tsconvert.js Show response
heho.com.tw/wp-content/themes/flatsome-child/js/ 12 KB
8 KB 452ms
452ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome-child/js/tsconvert.js?0811
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f8cc03e63c2624c1e817c00f6dfb085759dcff6aa84c37fcd65050023fd582e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 11 Aug 2021 03:16:22 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7690
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 476ms
476ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3212
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 335ms
335ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4191
expires: max-age=2592000, public

GET
H3 200 jquery.auto-complete.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 8 KB
2 KB 302ms
299ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/jquery.auto-complete.js?a=3&ver=1.0.7
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c063fc54a4bcec5e67e63ec0c5fb62be66be35509203e143a97de4e7eae0e4f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 15 Dec 2020 06:38:28 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2177
expires: max-age=2592000, public

GET
H3 200 global.js Show response
heho.com.tw/wp-content/themes/flatsome/js/ 1 KB
577 B 309ms
307ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/js/global.js?a=3&ver=1.0.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d6160ac2857a97b2e8b68b394977418e28dc43947425deb37fdea506582787aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 11 Dec 2020 05:53:00 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
expires: max-age=2592000, public

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 81ms
17ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&ver=3.0

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8341e035f8572a07e1afa2e95d48bf9a97d33844e27e4300bb8c0de6e172211b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 8 KB
2 KB 318ms
315ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2484
expires: max-age=2592000, public

GET
H3 200 regenerator-runtime.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 6 KB
2 KB 305ms
302ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2499
expires: max-age=2592000, public

GET
H3 200 wp-polyfill.min.js Show response
heho.com.tw/wp-includes/js/dist/vendor/ 16 KB
6 KB 322ms
320ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 16 Oct 2023 00:50:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5889
expires: max-age=2592000, public

GET
H3 200 index.js Show response
heho.com.tw/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
504 B 325ms
322ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Nov 2023 06:21:52 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 483
expires: max-age=2592000, public

GET
H3 200 hoverIntent.min.js Show response
heho.com.tw/wp-includes/js/ 1 KB
726 B 322ms
319ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 19 Jun 2023 07:09:18 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
expires: max-age=2592000, public

GET
H3 200 flatsome.js Show response
heho.com.tw/wp-content/themes/flatsome/assets/js/ 52 KB
16 KB 309ms
307ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7046618f6555847e4c8d7fb47584672aab889faf9ceebd6d871074da350615c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16738
expires: max-age=2592000, public

GET
H3 200 flatsome-lazy-load.js Show response
heho.com.tw/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/ 2 KB
621 B 317ms
315ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 601
expires: max-age=2592000, public

GET
H3 200 maxmegamenu.js Show response
heho.com.tw/wp-content/plugins/megamenu/js/ 33 KB
5 KB 343ms
341ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.4
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 23 Oct 2023 01:06:51 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5198
expires: max-age=2592000, public

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
3 KB 67ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

842cbe5d1403a229cdffb0f66329fea4a2b5011e569b2978b75d2a9da553d2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 11:23:33 GMT
content-md5: QVZNX0rM50LyVZcAHQqsqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: olYit5r43OrXMib0Y1f4sUmF0yb3EPD7Ti94am+w/6IjJ8sCkCpkCuI2xF2nPMdCGLYLpjrTZXkms6ZyD75BSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b7f95ac9a17cd7499d60ce44a2e43f68
cross-origin-opener-policy: same-origin-allow-popups
etag: "ce4674bbbddf5f9693d7d933e6772722"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:34:49 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36287102/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

10 KB
4 KB

11ms
11ms

Script
application/javascript

108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:45:09 GMT
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 12:22:04 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 81505
etag: W/"96bc3a581f40e4dbb6739b063c8dcb9b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: cTB2BpICyzWdK20BgQ0hO8ISgy8eGBMVr8ieXKJUgbk59jKpuf9RsQ==

Redirect headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: W4YLOWlrDD5Pmnbdpo-g3_acZADciOS-iWjwwdbv7zV65Bc_FQJQQw==

GET
H2 200 48oiwicjv7 Show response
www.clarity.ms/tag/ 649 B
1013 B 228ms
166ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/48oiwicjv7
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7b281506c1ec54aee032263668728e13fc6eca72d39ea52a96349969fca5f63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Tue, 05 Dec 2023 11:23:33 GMT
x-azure-ref: 20231205T112333Z-rgc43k83up57va6vpuq6z0tyas00000006ug00000001p2wg
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 649
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 viewform Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/ Frame 309A 53 KB
16 KB 404ms
358ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bbae8193dbf66e39dc9eb836075c7116d0cd039473572b650a6062375373929

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-nHvia9NBexrMCCMQESfAjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-nHvia9NBexrMCCMQESfAjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow, nosnippet
x-xss-protection: 1; mode=block

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/ Frame A25D 9 KB
4 KB 999ms
524ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 50507f6e6940c0c5a3998c21ec028c92bd9da787a7aff9ae510a1b510a6c8b8e

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:33 GMT
etag: W/"23f8-eUH7+o1GrLvROTehSYIeTf9hFgw"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 heho-mkt-sdk.js Show response
ml.oxra.com.tw/ox/mkt/js/ 5 KB
2 KB 789ms
262ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9afefc6356f7a01fa5d0a8b69c8a39cb3709795753e96ad09bad19b21b0b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 04:48:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63901b13-12db"
vary: Accept-Encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f7fbd847620a46b260daa079ddcacce2e96d507bc686510677cb243f088245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fl-icons.woff2
heho.com.tw/wp-content/themes/flatsome/assets/css/icons/ 7 KB
7 KB 352ms
352ms Font
font/woff2 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2?v=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bc425300c8a8a921a3d481e8b2395ef3c6cac4333b7326ceb1f5963fa6102b77

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
content-type: font/woff2
cache-control: max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7244
expires: max-age=2592000, public

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3

200

1654582763.9763.png
img.heho.com.tw/wp-content/uploads/2022/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png

62 KB
62 KB

20ms
19ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58414c45ff47ff8f78077f75d47fb1c08143c46e500536ccb407fb9a031d3da7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615893
alt-svc: h3=":443"; ma=86400
content-length: 63017
last-modified: Tue, 07 Jun 2022 06:19:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXu%2FRWM%2BAu0AhUVcgNL21FzWuhKsNSct6mEFcD042uGBeY%2Bz%2BT5HNry%2FeWfO6pClj6NiO0sBNglWhlS9ng4HjfdOF%2B4BrT7N3lIomoDqs0kvBL0pj9pgs0QfZngiUKfRnKLP5iua8nkdDJYKw9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaef1c93c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/06/1654582763.9763.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685341005.7905.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png

24 KB
25 KB

46ms
46ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c962d6b55e524fbd4d056d9417afc3f15d56c09df24de4217a3faecd27afba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414472
alt-svc: h3=":443"; ma=86400
content-length: 24795
last-modified: Mon, 29 May 2023 06:16:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmlJC1KSdId1wzLxGwNvMSkg3lprxcHZJ4rqKb24nXc%2B0fpYe171kf9Iy1bw%2BHhSSztTtkNmbJ2mxoqe2TLVWNX1626HnXEyQLJmJ7lHMAuThgbTa5RMwe1YAARsX6Ope0SvRHvnRzgCA069U7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaef1c94c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341005.7905.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685341002.6315.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png

15 KB
15 KB

23ms
22ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985b3bcffaca82008af6fbae8e61658cb5154c104561967e0b1fb91305375555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515685
alt-svc: h3=":443"; ma=86400
content-length: 15063
last-modified: Mon, 29 May 2023 06:16:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOH5hcJYNvE0bHLyvp9Qtg0k6WXWCvg37mwRNtlVIhpCLJ5OX67tDvYRX7NKJiIssjPFrT9VgaYRHZ%2F41%2BCNGQIeO199lG54GdnKzXcA4ka7aSxkJiXHJDX%2B7rjDENtETfH3c4Pr%2BtiaIVa1IFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf01d92c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685341002.6315.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685340999.4319.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png

17 KB
18 KB

48ms
47ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d4d21ea731e982d339e2341bebcde40e7abd3c43e6955a51d13c68d105f9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615893
alt-svc: h3=":443"; ma=86400
content-length: 17450
last-modified: Mon, 29 May 2023 06:16:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUuGL0NC67lq2%2Fr2z9mpEpQnd0YwoSKAAlJDLeUeRPexNwguOmvyBDUa3Tr3BAe%2F1YYiZqD1VI3qjp%2BIBrrEnngKrPLiz3GC8sHTr%2BpXBNXPLmOpFYtrZpohR85ZgLJO5AVeZ2KXYPEPQAASanQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaef1c96c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685340999.4319.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084067.1705.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png

6 KB
7 KB

28ms
28ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f6995a0395179c9dd731c85aa08ef73fb09ab0b6ea2e889eda95f9747e069c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615893
alt-svc: h3=":443"; ma=86400
content-length: 6559
last-modified: Fri, 26 May 2023 06:54:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u598v%2B4Ij%2FDfA6HV3wq46gYXSQbZVrO1EEx%2BOEMXgvECnGi6Mgz1aR0yVfSpy6xQWvmlA1w7cFt4BBWOfZ0bdyc1kbDvRwpa%2Bxs0A2liEzBq0uM7T43FgwgmPdwmvXQMj8us4SRhuF8nw3lxvbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf01d95c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084067.1705.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084061.4838.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png

16 KB
17 KB

20ms
20ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029021f9df9d250bfc5442e10e72bb7fcc37aef687080952a051aa4428214f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 539064
alt-svc: h3=":443"; ma=86400
content-length: 16859
last-modified: Fri, 26 May 2023 06:54:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPfKYn7ObFSVWVtPZrDP0yGQTj%2BBI0GNw3SjnEBw6IfXWF1wFjYcE3ZGmf%2Bf%2B0WL8GIAerILLnK6CeUykPswOlBir7prLWiSQFoHOCtD%2BqRJxCpZbOT%2F3CdcnqhL1Se6wVMOAlvqz0CCUUMw5rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf10e7cc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084061.4838.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084260.4331.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png

4 KB
4 KB

20ms
20ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d6f268fafb58c6446703ee4d09aedba5b6a7d3a59261da328d75d5115fb11b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615893
alt-svc: h3=":443"; ma=86400
content-length: 4029
last-modified: Fri, 26 May 2023 06:57:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoLygxHAr5w0Y%2BaIbbdCTDTzdrl6mMIjaYfxbFh%2Biq8f5IzcrkM7vQ370iD7tcdQUJVsDUOLaxKKK89fpIDggEUDsW%2FaRGWVomeEcqY0G2gJTL2IGGpcBwpvIwvOGcoDZRIiBFH9Tf%2F%2F3O23LsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf04dc8c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084260.4331.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084258.0287.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png

5 KB
6 KB

22ms
21ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6567639db59dc67528a542b533eb95189e86f1d3cd82d865b72b09cbb2290e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346248
alt-svc: h3=":443"; ma=86400
content-length: 5599
last-modified: Fri, 26 May 2023 06:57:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdQMsPmL0nWYrB0rxjklLS%2FATeVyDRwbHbYGYf2jyRQqV9FQH9m7dKMwAhXVEDHnpwP378%2BYmSajU4Y1V31ehd%2BKq3PApYDBlQlgq3tyua0jNMR7PD6A5bP6FWa0eI8A5avQa4EwtffBjqfWkYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf04dcbc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084258.0287.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084064.6124.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png

6 KB
7 KB

20ms
20ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926820f185b15731023eb5573e470b2fc52fa7c7719ba68de547ec3a99ea4db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414472
alt-svc: h3=":443"; ma=86400
content-length: 6163
last-modified: Fri, 26 May 2023 06:54:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jkeoj1VUHScPh5ZTKN8yGtcsS1lxLsz7fKdjkOhqpOuVwUPBztUtyDqfZqug%2BuELP7O%2Fr4sUTyqd%2F8Llebu1KmaMo8Qg4QnP44VejTmIfThqD%2F0fxQnjX2zvrIOknyybDIKv2vZ8aMwj06ZtCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf12eadc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084064.6124.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685084058.5936.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png

12 KB
13 KB

25ms
25ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f338abba8fb7cf686b9a4f785fedd4299709cff3e365eae3c61eb0e507c417d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414472
alt-svc: h3=":443"; ma=86400
content-length: 12376
last-modified: Fri, 26 May 2023 06:54:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXqDlTrU%2FhhKIVt9Vsr8dVMj4ut%2F32GmvVZnHwhwLfUGXt49uTiWeX9prucdHRrR1CJLL6l0K2esdX%2FM0gIk2nEFCCUQjgMzLjw8tlr5elRjkZXsjtNBloromYVi%2BHl0zMw2xphkpyHgeMkQMgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf12eafc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685084058.5936.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png

5 KB
6 KB

24ms
24ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615894
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4MloIX0YFpjAotvlaP1RUos5roGytgnctC61HeCb%2FbI%2BM%2FxcjnfmSb9S5anLbhYNYqpHjP6%2BRNdBax617uMQoULY5CP3hUT81hiB5NvcV7sWe6PJFXaNKYUh6tBwtPbUSkbv0MCMtdJ62QcqfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf3392fc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1685083759.3921.png
img.heho.com.tw/wp-content/uploads/2023/05/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png

13 KB
13 KB

24ms
24ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e6a680e9036aaf31486a675e7ae117f53d2f3c3924240f26e0d57520e4204a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346247
alt-svc: h3=":443"; ma=86400
content-length: 13108
last-modified: Fri, 26 May 2023 06:49:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQV3uLGBTxitbtNr4C7DP7EHwwsnfIIL7PwB%2FnMPQLYxysGZ4lXUDbc%2Fsiw%2FbplMySrGCCBZvBH73CEz8Uyjkf%2BeoxIvZvnfaoXS50OKy9rHR096Ebyp64tLCTS9sjU4f%2Flu%2F6xvbVhXAFgZfYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf14ed1c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/05/1685083759.3921.png
date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20a3bf52be657d048a21d70727caaa41611e9d8ef79c89d88c78949ee41a162a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfe4b3384bdf0bd276d03faa954b58977064c3aa7199c946292f3d22f416fc76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a076d79ed14cff54c3ece7a41c43bf5b96154cc8c194ba252aea6f5c3830cfdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5448b3df7fca1bd7f1ee6c34cab7287342978c1634a216dcb055faa92ffef9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 273864a943d0ff0ab1b4861c83635fe7c7fcaa496d81862552923c614639b12f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

1611030364.7282.png
img.heho.com.tw/wp-content/uploads/2021/01/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png

1 KB
2 KB

27ms
26ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9320b3cdf4756eab8412ee5120bc5af5524c9030de78136fbc42b7e40814289a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 202800
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Tue, 19 Jan 2021 04:26:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDS5F2KSjqoI4j8%2Be9KZ3FPr1Sea0fTYNaJoTPNkfGIsFDbaAYW3IBZbNQs5smgsAj1knETLcL9WOgOEiZrewTNBxZMhLaFneG7TxxHsVIx4P2jp6CbcIJgfRCKIq2w8LaEFgzxJ3GQ49aFbLyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf33930c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2021/01/1611030364.7282.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 303 KB
87 KB 17ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=0f7865867f3cb597a27bcccca97594ab

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

779843e9e9c00cb70db943a8929d8977585f109d611cbaddb6e062cdd5bf4e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 11:23:33 GMT
content-md5: Ml/di8MbPRMV1EIQIG9WKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88488
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: o3ahJ+2/tEkew0miHePiFC+cfpytU+KziHwOqki/FnLdg1I4tfZDa9m1ueCtu5NrF21jcFlwrMeYq/G9O85NiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9ce5ea03b9c4271a204bf712c2acd47b
cross-origin-opener-policy: same-origin-allow-popups
etag: "98d9c55154da60ce851f697e2209007e"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Dec 2024 10:34:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
96 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97c427fcd82365110b1a5710ec4fc6f02d7d252c9a633840e48c100905efffd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 10:31:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3117
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 12:31:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105027460-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b8296cd670c13c88421246c0d64979967914b1c3a4edefe67f7298cc0ca6305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76021
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5693807149055825&plah=heho.com.tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f9c17674d2b0373782ea0d839ea1c192796ed202be706d2d362e3602c8abb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137565
x-xss-protection: 0
server: cafe
etag: 17781580617315001373
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 4B6F 9 KB
4 KB 30ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:06:14 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 16ms
16ms Image
text/plain 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36287102&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701775413397&ns_c=UTF-8&cs_cfg=100&c7=https%3A%2F%2Fheho.com.tw%2F&c8=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&c9=
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: wwz8oNUjyhKYZYgd2Dph7ltn6WPiCOs8aiinAC3MAjFoNwjYPVwIVQ==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/ 431 KB
135 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311300101/pubads_impl.js?cb=31079874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45919
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138089
x-xss-protection: 0
server: cafe
etag: 6648938400208870771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:38:14 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2127023872&t=pageview&_s=1&dl=https%3A%2F%2Fheho.com.tw%2F&ul=en-us&de=UTF-8&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1693763460&gjid=761704814&cid=779064493.1701775413&tid=UA-105027460-1&_gid=1357859423.1701775413&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=991005795

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/ 3 KB
2 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=1701775413422&cv=11&fst=1701775413422&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed2ede5bab60770b7078dfbc3e786d4e720ae4545bf82c71eac2a8f7e835b48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/338904101/ 3 KB
2 KB 110ms
76ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/338904101/?random=1701775413431&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-338904101&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d02311df18bb3fb0ecc50f9708e14660b60f8d9bac334c7b5d18c0fa4f888a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1635
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
242 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LDJQEPLLSR&gtm=45je3bt0v877969751&_p=1701775413193&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=779064493.1701775413&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701775413&sct=1&seg=0&dl=https%3A%2F%2Fheho.com.tw%2F&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&en=page_view&_fv=1&_ss=1&tfd=1406
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 57ms
19ms Ping
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LDJQEPLLSR&cid=779064493.1701775413&gtm=45je3bt0v877969751&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 53ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LDJQEPLLSR&cid=779064493.1701775413&gtm=45je3bt0v877969751&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=301957101

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 56ms
20ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-105027460-1&cid=779064493.1701775413&jid=1693763460&gjid=761704814&_gid=1357859423.1701775413&_u=YGBACUAABAAAACAAI~&z=2101000552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Dec 2023 11:23:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 13ms
13ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/48oiwicjv7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231205T112333Z-rgc43k83up57va6vpuq6z0tyas00000006ug00000001p2z3
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 /
www.google.com/pagead/1p-user-list/338904101/ 42 B
327 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/338904101/?random=1701775413422&cv=11&fst=1701774000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZxS52QikNc0bSNe9w9wOtQAXF-QBDQ&random=2848388963&rmt_tld=0&ipr=y

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/338904101/ 42 B
455 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/338904101/?random=1701775413422&cv=11&fst=1701774000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNZxS52QikNc0bSNe9w9wOtQAXF-QBDQ&random=2848388963&rmt_tld=1&ipr=y

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
291 B 306ms
98ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heho.com.tw
Date: Tue, 05 Dec 2023 11:23:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105027460-1&cid=779064493.1701775413&jid=1693763460&_u=YGBACUAABAAAACAAI~&z=1553073433

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-105027460-1&cid=779064493.1701775413&jid=1693763460&_u=YGBACUAABAAAACAAI~&z=1553073433

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Origin: https://heho.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:53:20 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/338904101/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&d...
https://www.google.com/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...
https://www.google.de/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200...

42 B
64 B

24ms
24ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5zb1Q4VlZGdHNxcmZPVFlITzlXbnZsMFJlN3V6bW9EZEdOX3gzRzFRWG00GlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMc3dOUHNVZXpRMFBKQnZLN1VsMHQ4ajZyV1lERHc0RjB1c0Q3RHpFWmgwdFQ5RVNCS000X1lEIhMIocGIuJf4ggMVBqoZCh0IEAoi&is_vtc=1&ocp_id=NQhvZeHSHYbUZoigqJAC&cid=CAQSKQDICaaNQ2V_2J1fgkrgcmoijBuRTJbB-vlMr-C9vCRvSAeJUI4w5Aiq&random=2889571951&ipr=y&ezwbk=AZuM4hBwnghpo1wZ2i66W-WZlcD3pCGaYcZCOK80t_3KsIDsngWmwoxwOQxnxzngRa33LMpd6TVIgn61FDCuZ9L7cwdi

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/338904101/?random=220944202&cv=11&fst=1701775413431&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v885459833&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fheho.com.tw%2F&label=pdjACIy7g7cDEKWIzaEB&hn=www.googleadservices.com&frm=0&tiba=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&did=dZTNiMT&gdid=dZTNiMT&auid=377494312.1701775413&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ0xHN3F3WVE0NG02d2MyQTZJRjJFaVVBQmdpcE5zb1Q4VlZGdHNxcmZPVFlITzlXbnZsMFJlN3V6bW9EZEdOX3gzRzFRWG00GlhDaEVJZ0xHN3F3WVFzdFQtdDRfTXliZkpBUkl0QU9XR0tMc3dOUHNVZXpRMFBKQnZLN1VsMHQ4ajZyV1lERHc0RjB1c0Q3RHpFWmgwdFQ5RVNCS000X1lEIhMIocGIuJf4ggMVBqoZCh0IEAoi&is_vtc=1&ocp_id=NQhvZeHSHYbUZoigqJAC&cid=CAQSKQDICaaNQ2V_2J1fgkrgcmoijBuRTJbB-vlMr-C9vCRvSAeJUI4w5Aiq&random=2889571951&ipr=y&ezwbk=AZuM4hBwnghpo1wZ2i66W-WZlcD3pCGaYcZCOK80t_3KsIDsngWmwoxwOQxnxzngRa33LMpd6TVIgn61FDCuZ9L7cwdi
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9A9 166 KB
50 KB 882ms
882ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5693807149055825&plah=heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b12827dadd5228ce6027e2ba95b0d5cc8c0ebe1f7ade091b7ae71981e00dfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 50720
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:34 GMT
expires: Tue, 05 Dec 2023 11:23:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3C3 106 KB
45 KB 1281ms
1281ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d5d266786527c398a683d85440a1dadc9ee41be88cb800a68225276358d80cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45554
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:34 GMT
expires: Tue, 05 Dec 2023 11:23:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 70EE 167 KB
50 KB 755ms
755ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a5754dcc49e35a95e046abb5d39e230261005f60cdfeb41d3f091775a6001c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:34 GMT
expires: Tue, 05 Dec 2023 11:23:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 docs-tt
csp.withgoogle.com/csp/ Frame 309A 0
0 41ms
19ms Other
text/html 2a00:1450:4001:830::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.withgoogle.com/csp/docs-tt
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://docs.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 icon
fonts.googleapis.com/ Frame 309A 616 B
463 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 11:23:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H3 200 rs=AMjVe6jD5hGkCF0BphdUeomEF_I0J2GWlw
www.gstatic.com/_/freebird/_/ss/k=freebird.v.XMSFTLX2xDo.L.W.O/am=EAY/d=1/ Frame 309A 944 KB
115 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.XMSFTLX2xDo.L.W.O/am=EAY/d=1/rs=AMjVe6jD5hGkCF0BphdUeomEF_I0J2GWlw

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9996ece096f1a0a0a480e2a9ada6ad692c59b562370dd189bd75968dbd7a0f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118157
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 15:29:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 22:06:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 309A 24 KB
2 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e98273998af7ba59db229a5997cd60b10fff987e60d89dc79654a50fa5daee02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:55:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 309A 1 KB
886 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c9837dd0a50218aac53dee373e4167e0a2edf128136d31ff2d89add6c5fed8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:52:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 003C 60 KB
33 KB 33ms
30ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=obizamieey72

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e80ef401596260b801ff1c75b225d452296ce913bb895bee17ea6b40488d7e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xLXxxirn6bKZnsH8loNOSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xLXxxirn6bKZnsH8loNOSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 309A 1 KB
714 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 689
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 19:51:27 GMT

GET
H3 200 m=viewer_base Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 309A 423 KB
136 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d715cfe84dc6dffc61288e0a1ac6901e9ce71b50e08a0b71c1d6c20c135940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139125
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 22:06:05 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 003C 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=obizamieey72

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 09:48:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 003C 468 KB
188 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 17:53:20 GMT

GET
H2 200 m=sy1h,vGOnYd,sy8,syh,IZT63,syu,vfuNJf,MpJwZc,n73qwf,sy13,ws9Tlc,syb,syj,syi,sy15,sy1c,sy1a,sy1b,siKnQd,T8YtQb,sym,syp,syq,syr,sy1k,syw,sy18,sy1r,sy1u,V3dDOb,sy2i,sy2j,sy4l,sy4h,sy4j,sy4g,sy4k,OShp... Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 309A 586 KB
587 KB 13ms
12ms XHR
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=sy1h,vGOnYd,sy8,syh,IZT63,syu,vfuNJf,MpJwZc,n73qwf,sy13,ws9Tlc,syb,syj,syi,sy15,sy1c,sy1a,sy1b,siKnQd,T8YtQb,sym,syp,syq,syr,sy1k,syw,sy18,sy1r,sy1u,V3dDOb,sy2i,sy2j,sy4l,sy4h,sy4j,sy4g,sy4k,OShpD,sy4i,sy4o,sy4p,sy4n,sy4m,sy4q,J8mJTc,gkf10d,j2YlP,syz,sy17,sy9,syc,syg,syo,sys,cEt90b,KUM7Z,yxTchf,sy14,sy16,xQtZb,qddgKe,wR5FRb,pXdRYb,iFQyKf,syk,sy7,syl,YNjGDd,syn,syt,PrPYRd,syv,syx,hc6Ubd,sy1e,SpsfSb,dIoSBb,sy1f,sy1g,zbML3c,zr1jrb,EmZ2Bf,sy19,Uas9Hd,sy69,WO9ee,sy1j,sy1n,sy1o,sy1d,sy1p,sy1s,sy1t,A4UTCb,sy6u,owcnme,UUJqVe,CP1oW,sy22,sy21,sy1w,sy20,sy1y,sy1z,sy23,pxq3x,sy1m,O6y8ed,sy4y,sy50,sy5o,Sk9apb,sy4u,sy7n,sy7p,sy5w,sy7o,sy7q,sy7r,sy7s,Xhpexc,Q91hve,sy4s,sy5t,sy5u,sy5v,sy5x,sy5s,mRfQQ,sy7u,sy7t,CFa0o,szrus,sy1l,sy1x,VXdfxd,syd,sy11,sy2m,sy5,sy12,sy2l,s39S4,sy25,ENNBBf,L1AAkb,QvB8bb,bCfhJc,sy4x,sy4v,u9ZRK,pItcJd,yZuGp,aW3pY,mvo1oc,sy4,sy3g,sy3h,sy1v,sy3i,sy4e,I6YDgd,sy29,sy28,sy2a,sy2b,sy2g,sy1i,sy24,sy26,sy2c,sy2d,sy2e,sy2f,fgj8Rb,sy27,N5Lqpc,IvDHfc,sy53,p2tbsc,sy54,sy68,LxALBf,sy2o,sy6v,sy2w,sy2y,sy6y,sy34,sy31,sy3o,sy6w,qNG0Fc,sy6z,sy71,sy2p,i5dxUd,sy39,sy3b,ywOR5c,sy73,sy77,sy3s,EcW08c,wg1P6b,sy70,sy72,sy74,sy75,sy76,t8tqF,SM1lmd,sy7b,sy6a,sy6d,sy79,sy7a,sy7c,vofJp,Vnjw0c,QwQO1b,sy52,sy67,sy66,sy4z,sy65,QMSdQb,X16vkb,WdhPgc,JCrucd,sy7l,sy7k,sy7m,Ibqgte,ok0nye,DhgO0d,oZECf,sy2k,akEJMc,zG2TEe,fvFQfe,CNqcN,sbHRWb,sy7v,TOfxwf,sy2n,sy3a,sy80,sy5z,sy62,sy7x,sy81,sy82,sy85,sy89,sy8f,sy8g,A2m8uc,jjSbr,sy7j,sy8b,sy8d,sy8a,sy5n,riEgMd,sy8e,lSvzH,sy7w,yUS4Lc,v4y9Mc,KOZzeb,sy5a,sy5c,sy5d,sy5b,xKXrob,sy57,sy5l,sy61,sy63,sy64,DPwS9e,lWjoT,sW52Ae,sy7y,sy84,sy86,sy83,RGrRJf,OkF2xb,syf,sy58,sy5y,xmYr4,ID6c7,sy8h,rmdjlf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23e4a995297af6d7e3abf5dc3212a2390efd61c55e15aced428ed4508654fe47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:51:16 GMT
x-content-type-options: nosniff
age: 9137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600491
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 08:51:16 GMT

GET
H3 200 m=sy7z,sWGJ4b,sy5f,sy5g,sy6f,sy6g,sy6h,EGNJFf,iSvg6e,sy6i,uY3Nvd Show response
www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/ Frame 309A 22 KB
8 KB 7ms
7ms XHR
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=0/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=sy7z,sWGJ4b,sy5f,sy5g,sy6f,sy6g,sy6h,EGNJFf,iSvg6e,sy6i,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a535ba09ab809d987eb451502fe1d911ed8959328eaa381ee0bcbeaded320c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7980
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 17:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-forms"
vary: Accept-Encoding, Origin
report-to: {"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://docs.google.com
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 19:22:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
40ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://docs.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://docs.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 11:23:33 GMT
expires: Tue, 05 Dec 2023 11:23:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 309A 131 B
155 B 86ms
71ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://docs.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 11:23:33 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/ Frame 309A 0
209 B 320ms
320ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/naLogImpressions

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-CCT7urqwGXToTtd51f_66A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-CCT7urqwGXToTtd51f_66A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5GxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 309A 2 KB
2 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5GxK.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:14:58 GMT
x-content-type-options: nosniff
age: 295715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:14:58 GMT

POST
H3 200 getmetadata Show response
docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/font/ Frame 309A 514 KB
13 KB 330ms
330ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/font/getmetadata

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.de.4RUTbODMmqc.O/am=EAY/d=1/rs=AMjVe6hdid7l9_95D8TjNxNAFXgoMpgtAQ/m=viewer_base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4caf0e36dd19c395a07167bc67d8f38c73263c10ff786db363c5f0b5c8c7abe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 003C 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:37:20 GMT
x-content-type-options: nosniff
age: 71173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Dec 2023 15:37:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 003C 15 KB
16 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 388597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 003C 15 KB
15 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 483726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 003C 102 B
135 B 15ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=obizamieey72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 11:23:33 GMT

GET
H2 200 heho-ml-recommend-mkt-api-10 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw/ 405 B
691 B 841ms
282ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw/heho-ml-recommend-mkt-api-10
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6344f577419d3db79fb3e2c6f7cf973031e22de4941e7277d782a4e6d2d455ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"195-sAO18U8wyWGvBfdTJKMM92gSbfk"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 405

GET
H2 200 heho-ml-recommend-mkt-api-11 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw/ 405 B
690 B 848ms
289ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw/heho-ml-recommend-mkt-api-11
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27a978cb6edc80bdcc5c73522e81cc7613e190ec278b374a884d46a3d4c7db15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"195-ayTlFxMzOsY7qlmSHvs68eUtDsY"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 405

GET
H2 200 heho-ml-recommend-mkt-api-10 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw/ 405 B
690 B 848ms
289ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw/heho-ml-recommend-mkt-api-10
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6344f577419d3db79fb3e2c6f7cf973031e22de4941e7277d782a4e6d2d455ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"195-sAO18U8wyWGvBfdTJKMM92gSbfk"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 405

GET
H2 200 heho-ml-recommend-mkt-api-11 Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw/ 405 B
690 B 844ms
286ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw/heho-ml-recommend-mkt-api-11
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 27a978cb6edc80bdcc5c73522e81cc7613e190ec278b374a884d46a3d4c7db15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"195-ayTlFxMzOsY7qlmSHvs68eUtDsY"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
content-length: 405

GET
H2 200 TUZyzwprpvBS1izr_vOEDOSf.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 309A 4 KB
4 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vOEDOSf.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afd7b4ce1230fc5d6cb58daebeed6bcd09ebee1e4414367596bc3bb33f62444c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:58:40 GMT
x-content-type-options: nosniff
age: 15894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 06:58:40 GMT

GET
H2 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIOpYQ.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 309A 4 KB
4 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIOpYQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c1d1b09af9ea0e4a497cf8f1baaf915bb032eca2ae369869566282d156cb25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:42:59 GMT
x-content-type-options: nosniff
age: 9635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4280
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:31:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:42:59 GMT

GET
H2 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrUfIA.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 309A 2 KB
2 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMDrUfIA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a631f36b97689ffb94afdaef8032e78479d469894a2b18f007dea806dc1172b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:01 GMT
x-content-type-options: nosniff
age: 388593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1664
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:23:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:01 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkAo9_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 309A 3 KB
3 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkAo9_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a817a663ee912ccf67f30d9cddfb563e15efdabb3de65fe491abdfbea5c6578f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:25:40 GMT
x-content-type-options: nosniff
age: 323874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2568
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 17:25:40 GMT

GET
H2 200 wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLFneg.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 309A 1 KB
1 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WCzsWzLFneg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80083bb74056d4ea185160dd596de5a63d5ed834778a5d7f7e4e843ba4421345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:29:12 GMT
x-content-type-options: nosniff
age: 273262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:29:12 GMT

GET
H2 200 neILzCirqoswsqX9zoSmMw.woff2
fonts.gstatic.com/s/lobster/v30/ Frame 309A 4 KB
4 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoSmMw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5acbe17fd4e63cca2ce1b72e482fc2411d27d9d534476ad7f0108b9df087fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:41:15 GMT
x-content-type-options: nosniff
age: 27739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4344
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:41:15 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJHkq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 309A 1 KB
1 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuxJHkq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bba06493e9d01e72d0c0acfbf64abbf9f9198dbb7788285bf8d7b9005d0588f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:41:13 GMT
x-content-type-options: nosniff
age: 74541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 14:41:13 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-eiZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 309A 4 KB
4 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-eiZM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dcebb5ec80a2ddab469a77f1a37412c34205ef76d054131083b0bf663b786fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:48:55 GMT
x-content-type-options: nosniff
age: 41679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3640
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:48:55 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw_aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 309A 1 KB
2 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw_aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdaae795074ced24ad382f9f21c4f2e3443d3dc27bf6f75ab5cb43d54f23f009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:49:00 GMT
x-content-type-options: nosniff
age: 41674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:49:00 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTI3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 309A 1 KB
2 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTI3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10505df86b3638be7b5707a542c0c7c80ed856f14e037bb1c64bfaf712b0ab75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:47 GMT
x-content-type-options: nosniff
age: 407147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1528
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:47 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUBiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 309A 1 KB
1 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUBiZQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4524691b7547d0d9f1a34ff172d940bedafd7725a14a5bd1121807b7d993bffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:40:41 GMT
x-content-type-options: nosniff
age: 322973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 17:40:41 GMT

GET
H2 200 FwZY7-Qmy14u9lezJ-6B6Mk.woff2
fonts.gstatic.com/s/pacifico/v22/ Frame 309A 5 KB
5 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6B6Mk.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

867352b1c82c47d71a11744e3886441a848780dca87928bac596e5f3473bfaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 03:12:07 GMT
x-content-type-options: nosniff
age: 288687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5044
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 03:12:07 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDRbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 309A 3 KB
3 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDRbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee21fa3a8dd34931830b255fb301dec184add039958f2378ec534733b4002011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:01:05 GMT
x-content-type-options: nosniff
age: 62549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2688
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:01:05 GMT

GET
H2 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QuW4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 309A 1 KB
2 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_QuW4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc93b0c6ccf01063b9788530ca2389636059624b18599de8edef8d4054255474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:19:29 GMT
x-content-type-options: nosniff
age: 551045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:07:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 02:19:29 GMT

GET
H2 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotl6Z8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 309A 2 KB
3 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotl6Z8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

171d4c2505ae91856b2fe01ef5154d89feec1591421b5ee67f6ef8c0f50649c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:40:35 GMT
x-content-type-options: nosniff
age: 31379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2484
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:06:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 02:40:35 GMT

GET
H2 200 rnCr-xNNww_2s0amA9M_kng.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 309A 3 KB
4 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M_kng.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4ba92453033372b440e5e762eedec60dec8b3c32008f599b1c7f46376d64216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:35:12 GMT
x-content-type-options: nosniff
age: 265702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3576
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 23:15:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:35:12 GMT

GET
H2 200 TUZyzwprpvBS1izr_vO0CA.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 309A 63 KB
63 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZyzwprpvBS1izr_vO0CA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a6c1001c36d7f2f8ad4df369baf38217af3adaae94a5625651c05f4c3a38bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:00:06 GMT
x-content-type-options: nosniff
age: 26608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64068
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 04:00:06 GMT

GET
H2 200 TUZ3zwprpvBS1izr_vOMscG6fA.woff2
fonts.gstatic.com/s/amaticsc/v26/ Frame 309A 63 KB
63 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v26/TUZ3zwprpvBS1izr_vOMscG6fA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1de6eac3059ca778e6d2367182c7f11edc81e09971e56f788db308a674ea7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:37:46 GMT
x-content-type-options: nosniff
age: 283548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64656
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 04:37:46 GMT

GET
H2 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9SIc.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 309A 98 KB
99 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9SIc.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54efcb5570863b2329c2c677749c85c7ed337f5c16bf38caea17807196150293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:02:57 GMT
x-content-type-options: nosniff
age: 48037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100756
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:32:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:02:57 GMT

GET
H2 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6SIc.woff2
fonts.gstatic.com/s/caveat/v18/ Frame 309A 103 KB
103 KB 49ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjRV6SIc.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b73dc2a43d6620b4ae7b1e05eea2342cf309352b4dcaadeb4491c5b72468e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:22:06 GMT
x-content-type-options: nosniff
age: 54088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105776
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:22:06 GMT

GET
H2 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMPrE.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 309A 37 KB
37 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMPrE.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3525fca875bf7203e92f116e0c5532dd5b5fe0f0ca5e12c6c4c8b9bd77566e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:48:37 GMT
x-content-type-options: nosniff
age: 135297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37488
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 21:48:37 GMT

GET
H2 200 1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LPrE.woff2
fonts.gstatic.com/s/comfortaa/v45/ Frame 309A 36 KB
36 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4Y_LPrE.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcbaf64460b4db78ba16ee6230d2c90215dda58ce8c285348d624fe32dbc470e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:03:10 GMT
x-content-type-options: nosniff
age: 48024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36840
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:03:10 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RUBg.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 309A 124 KB
124 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RUBg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ca1eee7725d016477dddd403b78c514438b1d2cd58545b4bc9fd6db9647d83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:44:49 GMT
x-content-type-options: nosniff
age: 23925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126552
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 04:44:49 GMT

GET
H2 200 SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNUBg.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 309A 140 KB
140 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-DPNUBg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e92624ff29d44c47f313d24e815f4f9b1ee01ceb5700f6fc9eb3baa215159f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:25:18 GMT
x-content-type-options: nosniff
age: 46696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143084
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:25:18 GMT

GET
H2 200 SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QI9_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 309A 114 KB
114 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7e8QI9_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd8bed74936b7b0f1745b3b117cab8be5ec9405fb4771226270462e670b8d9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:46 GMT
x-content-type-options: nosniff
age: 407148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116720
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:27:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:46 GMT

GET
H2 200 SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR49_.woff2
fonts.gstatic.com/s/ebgaramond/v27/ Frame 309A 127 KB
127 KB 35ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ebgaramond/v27/SlGFmQSNjdsmc35JDF1K5GRwUjcdlttVFm-rI7dbR49_.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b6fc407ad68085b7ea80a7f03939ed11b4ad702c3067ff89bcd8ee26320ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:02:01 GMT
x-content-type-options: nosniff
age: 483693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129672
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:02:01 GMT

GET
H2 200 wlptgwvFAVdoq2_F94zlCfv0bz1WCzsW_LU.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 309A 25 KB
25 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WCzsW_LU.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

081a9357e5da041fc09dbef6c0abaa986251670aacbc6029228d37f34fd1fe25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:41:15 GMT
x-content-type-options: nosniff
age: 27739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:41:15 GMT

GET
H2 200 wlptgwvFAVdoq2_F94zlCfv0bz1WC9wR_LU.woff2
fonts.gstatic.com/s/lexend/v19/ Frame 309A 26 KB
26 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lexend/v19/wlptgwvFAVdoq2_F94zlCfv0bz1WC9wR_LU.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee1925de22baa2ef5bcb426a76da601c7a094d4d87cc8703b80db62ac2452c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:52:19 GMT
x-content-type-options: nosniff
age: 77475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26936
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 13:52:19 GMT

GET
H2 200 neILzCirqoswsqX9_oA.woff2
fonts.gstatic.com/s/lobster/v30/ Frame 309A 98 KB
98 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9_oA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93f4669cc09016e4d1ad1836a4cd1ebcf832c22979e5fa11db4f7c3620223ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:23:43 GMT
x-content-type-options: nosniff
age: 21591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99952
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 19:54:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 05:23:43 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuyJD.woff2
fonts.gstatic.com/s/lora/v32/ Frame 309A 46 KB
46 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787weuyJD.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4ca9b9303fc55a1053c3a796249078fc00d2389cf2f4b1f006bb19917e3bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:47:08 GMT
x-content-type-options: nosniff
age: 9386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46996
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:47:08 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787z5vCJD.woff2
fonts.gstatic.com/s/lora/v32/ Frame 309A 46 KB
47 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787z5vCJD.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd98aaaf11a21804cbf7f5b10e7ef9a80c30a47840b7b1dfa51a84fb298ffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:22:38 GMT
x-content-type-options: nosniff
age: 28856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47568
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 03:22:38 GMT

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFkq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 309A 49 KB
50 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFkq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07598e9c2aae44f349f488e73a31691f1f0f8c5eaedeaa69f2bcb56efa59a934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:59:11 GMT
x-content-type-options: nosniff
age: 33863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50560
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 01:59:11 GMT

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-C0Ckq0.woff2
fonts.gstatic.com/s/lora/v32/ Frame 309A 49 KB
49 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-C0Ckq0.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf721c6995366adb25d098fe2b901999ed3a750a2cd7d0f57f0e9d85af2aee29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:13:00 GMT
x-content-type-options: nosniff
age: 36634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50448
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 01:13:00 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5Ofg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 309A 58 KB
58 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5Ofg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a070c331573aa324fa2deac1a1b42b2d58e9660268555ee382d857e651e33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:06:33 GMT
x-content-type-options: nosniff
age: 8221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58892
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 09:06:33 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eSZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 309A 56 KB
56 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eSZM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8977152b314fcd5d04bec050367c0aafa91899501593e9ecb0d6090cdac29a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:03:10 GMT
x-content-type-options: nosniff
age: 48024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57612
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:49:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:03:10 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNpWg.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 309A 56 KB
56 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNpWg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b183e10d8c5db234637e82bef4014117bd41c956c69af55fa0165a7be31666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:01:48 GMT
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 09:01:48 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wsf6.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 309A 57 KB
57 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wsf6.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133bb5c5af6b43d96660ff65f46464f2a03f7d0deeb8e2a1f8e0aa7ce6770120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:20:26 GMT
x-content-type-options: nosniff
age: 18188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58012
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:59:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 06:20:26 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 309A 39 KB
39 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Ew7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff8c9a38c906236a4025b752da6a83403df53f22f0fb8b88155b7b04a5229904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:58 GMT
x-content-type-options: nosniff
age: 388596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39708
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:53:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:58 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 309A 39 KB
39 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM70w7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184819cfd66eee3bbf756a609a0ea8034f09dcf8c68cd817b08358d8e5579ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:48 GMT
x-content-type-options: nosniff
age: 407146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40184
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:40:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:17:48 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 309A 39 KB
40 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17406c4e4926c81dcd8f3832b79428ccf82f5a3af17c03afd0e37f13413851b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:30 GMT
x-content-type-options: nosniff
age: 388564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40412
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:30 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 309A 40 KB
40 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6aXo.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347b8e3e68694a70f4b024cdbee7fb7ed5f98c19d0dafef6b8f237191c796f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:25:32 GMT
x-content-type-options: nosniff
age: 43082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:53:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:25:32 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshRTY.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 309A 41 KB
41 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshRTY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add6ddd7fee32d58eba385983ab7dcc9657ad97cdbd4bf4594db38675847edb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:45:36 GMT
x-content-type-options: nosniff
age: 41878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42132
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:45:36 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTY.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 309A 41 KB
41 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDFwmRTY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c129c2c42b2f1d5af9bd5b9858f0eba8215ee3ebf61fbc99866e107b2c0af4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:52:41 GMT
x-content-type-options: nosniff
age: 9053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41676
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:10:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:52:41 GMT

GET
H2 200 XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXA3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 309A 44 KB
44 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNirXA3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ea7445e374a6aab69f4e13ddbc9fc0e356c731e2d1f093619b93d4281bbe2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 03:15:49 GMT
x-content-type-options: nosniff
age: 288465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44980
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:56:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 03:15:49 GMT

GET
H2 200 XRXK3I6Li01BKofIMPyPbj8d7IEAGXNiSnc3jw.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 309A 43 KB
43 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXK3I6Li01BKofIMPyPbj8d7IEAGXNiSnc3jw.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8fb82df9421fa2de18e11b89200eeccb188dab713331f06c6c8782ad5ce5437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 07:18:54 GMT
x-content-type-options: nosniff
age: 273880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44316
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 07:18:54 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvgUQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 309A 31 KB
31 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvgUQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c4965a6e9c89dee7d1389167c821976bfbf55d80e7dcddfbcb5400b1ae01c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:58:29 GMT
x-content-type-options: nosniff
age: 293105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31456
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:20:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:58:29 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZogUQ.woff2
fonts.gstatic.com/s/oswald/v53/ Frame 309A 32 KB
32 KB 71ms
71ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZogUQ.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68425336934a956337b4593a3d47d51d2970d03ac4a9c9fc795596f13eb21775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:41 GMT
x-content-type-options: nosniff
age: 8933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32644
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:20:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:54:41 GMT

GET
H2 200 FwZY7-Qmy14u9lezJ96F.woff2
fonts.gstatic.com/s/pacifico/v22/ Frame 309A 83 KB
83 KB 69ms
67ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ96F.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e05fd4c39d2671d0febcf551364287a41d4889ca4692817722459ff34940ac81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:57 GMT
x-content-type-options: nosniff
age: 388597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84892
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:57 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDV.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 309A 41 KB
42 KB 67ms
65ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvUDV.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c0243aeabbf9c2f5353f0f043cdfe582305ce9232dafae04789f72ad8b8a2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:49:38 GMT
x-content-type-options: nosniff
age: 38036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42416
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 00:49:38 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDV.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 309A 45 KB
45 KB 69ms
67ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiukDV.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31594918e6093b22f7d61e9ef00fe99af5de221a8e7b039517c38bb140fa6d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:45:40 GMT
x-content-type-options: nosniff
age: 41874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45636
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:45:40 GMT

GET
H2 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 309A 40 KB
40 KB 70ms
68ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f880482da8a65732322f1cc972412501c1d33d35edece8f4aba96fab40c3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:25 GMT
x-content-type-options: nosniff
age: 327309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41308
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:25 GMT

GET
H2 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v36/ Frame 309A 43 KB
43 KB 66ms
64ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v36/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_k-UbtM.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16a97a25c22e0a3666a93f2cc4dfb340df15a55dc32190f797ee748f2d7b3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:18:44 GMT
x-content-type-options: nosniff
age: 270290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43740
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:29:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:18:44 GMT

GET
H3 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPRg.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 309A 37 KB
37 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vqPRg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2706dfabcbaaf2dee90c3a10c168d5f5691ce787dcae9e77cd038f66b08fc4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:49:00 GMT
x-content-type-options: nosniff
age: 41674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37632
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:57:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:49:00 GMT

GET
H3 200 L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_Of2PRg.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 309A 37 KB
37 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_Of2PRg.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7615aed2ed8f1361d3aba2b6ce6612468463e660e8bd4a4302b24c113ec57308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:23:13 GMT
x-content-type-options: nosniff
age: 327621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37800
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:30:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:23:13 GMT

GET
H3 200 L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrlnAOW4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 309A 40 KB
40 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrlnAOW4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed2dc63202e8e1e06cc22eb23d39212a36034d90dbc76274ec7f85deb1d3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:45:52 GMT
x-content-type-options: nosniff
age: 23862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41220
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 04:45:52 GMT

GET
H3 200 L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrmAB-W4.woff2
fonts.gstatic.com/s/robotomono/v23/ Frame 309A 41 KB
41 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotomono/v23/L0xoDF4xlVMF-BfR8bXMIjhOsXG-q2oeuFoqFrmAB-W4.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68c3f849762d80f759a7702f52b6f9c432173951d7d5e830c98cedfdeba5e53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:13:55 GMT
x-content-type-options: nosniff
age: 68979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41584
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:09:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:13:55 GMT

GET
H3 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotp6I.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 309A 63 KB
63 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEliotp6I.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb1d125975da6683e4db07394e5035b0cde2782b389341bb577d2a274262e839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:19:53 GMT
x-content-type-options: nosniff
age: 299021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64888
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:29:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:19:53 GMT

GET
H3 200 R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEls0qp6I.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 309A 71 KB
71 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71RjywflP6FLr3gZx7K8UyuXDs9zVwDmXCb8lxYgmuii32UGoVldX6UgfjL4-3sMM_kB_qXSEXTJQCFLH5-_bcEls0qp6I.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d81818ee4513a1dbc74d17b8dcec5aa730a70ceca96b75a68ad007554e01cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:13:00 GMT
x-content-type-options: nosniff
age: 36634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72264
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 17:35:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 01:13:00 GMT

GET
H3 200 R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuT-R8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 309A 64 KB
64 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuT-R8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7c81ec43ffc35a71567094e98836d7545681a399618661c8f1eb202b580206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:00 GMT
x-content-type-options: nosniff
age: 388594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65812
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 19:14:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:00 GMT

GET
H3 200 R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuqON8AA.woff2
fonts.gstatic.com/s/robotoserif/v13/ Frame 309A 71 KB
71 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoserif/v13/R71XjywflP6FLr3gZx7K8UyEVQnyR1E7VN-f51xYuGCQepOvB0KLc2v0wKKB0Q4MSZxyqf2CgAchbDJ69BcVZxkDg-JuqON8AA.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc3cce7b52175a0e42f8b92d45322ebaa709d227f9ec52643e75410fda94b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:52:13 GMT
x-content-type-options: nosniff
age: 9081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72784
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 19:14:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:52:13 GMT

GET
H3 200 rnCr-xNNww_2s0amA-M7.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 309A 54 KB
54 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA-M7.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8faffb5e867554c1ab9b0edd0e11e8b5a3d4b9842d860a11646371c2b84d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:27:48 GMT
x-content-type-options: nosniff
age: 262546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55204
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:22:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:27:48 GMT

GET
H3 200 rnCt-xNNww_2s0amA9M8kng.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 309A 57 KB
57 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCt-xNNww_2s0amA9M8kng.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aada1ac84edc0a0f678a12e87b835b9c5a71fc4cec407ca0420c6561cb53a439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 00:16:48 GMT
x-content-type-options: nosniff
age: 299206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58200
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:19:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 00:16:48 GMT

GET
H3 200 rnCs-xNNww_2s0amA9uCt13D.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 309A 59 KB
59 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9uCt13D.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc62f0847bbeb2b050932bc04e8d60087955e2bbe3659fbe89408f4c62f2f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:29 GMT
x-content-type-options: nosniff
age: 483725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60648
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 23:19:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:29 GMT

GET
H3 200 rnCu-xNNww_2s0amA9M8qsHDafY.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 309A 63 KB
63 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCu-xNNww_2s0amA9M8qsHDafY.woff2

Requested by

Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA/viewform?embedded=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1382decc32857b4dc59faafdf57088d9f6917b18ece82cc47f84010224008c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
Origin: https://docs.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:47:32 GMT
x-content-type-options: nosniff
age: 293762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64164
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:49:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 01:47:32 GMT

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame A25D 157 KB
25 KB 56ms
25ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 446827
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFHC2CRKSJBHCS91RA9FQM2-fra
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830beaf35de21c1e-FRA

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame A25D 2 KB
1 KB 46ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2097240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbjflfAG%2FVXGXdMkekhfO3qhrUYBOXdQqz1AmSMtf1nk2Maw0Fd6HPNTHNhlufSy9sAvsvfh%2Bc0Hf6xWEdXJGh4GGHjxxFQekoiIXRHsF9vke%2B87PnQBJr4vXqFwYGsWeT10VAuqv%2B%2BKwRaV3GsSTaCc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beaf34d909b74-FRA
expires: Sun, 24 Nov 2024 11:23:34 GMT

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame A25D 1 KB
1 KB 39ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 553304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr1WZ3JWGg89tXcrIZtR7pmYm%2FhlZqm9uE2wKXF3CduseFJE%2F9ebWHX%2FnGyVGGWFfJ%2FyYeb0oBFM8t8nRoyWMzKF3Rl6D9fhd%2FHIqACRLddWOwyxsywxs%2FmRbXXaKEAR6%2BlWDCvN7sPdv6%2B%2BI%2FIaQm37"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beaf34d8d9b74-FRA
expires: Sun, 24 Nov 2024 11:23:34 GMT

GET
H3

200

1669685415.0137.gif
img.heho.com.tw/wp-content/uploads/2022/11/ Frame A25D
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif

30 KB
31 KB

413ms
413ms

Image
image/gif

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c784e0a746c79495f6389971b2f60ef425d4d98a1ab85b9945e31a41e2fe9ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 30760
last-modified: Tue, 29 Nov 2022 01:30:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fco6m%2FgouTxCrSNJ0ZKU65qrZBbGUIAl3NXWnFu8e6szCmhCS%2BGXB7E7JwDht%2FAhGiPJ2rOI540QOg1qJrywDDDGEn%2Fe40U7wx6VLOAut8MpPIZ4ssYbYrEUcBiyNTWo%2BuUjU5H8T83Ubd%2FqVUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf4eb1cc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669685415.0137.gif
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ Frame A25D 88 KB
28 KB 39ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 203688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RASGC57ihDRKA8XW09ahFaNtwVbBmNOgjHam6iJEODQwsMnjbRRMIVJ6cga9jXmcfSHlugXXNW2TcNj%2BzXeALgf8CNJma%2Faj34gPakLplkSw1dOthcjS5hOA%2Bv%2FDx2t65hfZV6Rax13baKHJXV0W471t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beaf34d939b74-FRA
expires: Sun, 24 Nov 2024 11:23:34 GMT

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame A25D 42 KB
10 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 199045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9283
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSeZXAAWtZkvm0mYogvtBSHKWQoSZcb2oEkei%2Fn93QzKDe%2F7HG09VDaisOAUYyD2s8NQdA%2BDvEfuG5T%2FO5ULrY3J3PwXZTKSpv6oHsGaWH1bEnf9VeblR2MUlkgcf7dTxRkb%2Bg%2B7NpMYix8mfvif3Rge"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beaf3fe7f9b74-FRA
expires: Sun, 24 Nov 2024 11:23:34 GMT

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ Frame A25D 71 KB
24 KB 31ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4247003
x-cache: HIT, HIT
content-length: 24606
x-served-by: cache-lga21954-LGA, cache-fra-eddf8230110-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701775414.414162,VS0,VE0
etag: W/"28feccc0-11abc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 55, 110474

GET
H2 200 bootstrap.bundle.min.js Show response
unpkg.com/bootstrap@4.5.3/dist/js/ Frame A25D 82 KB
22 KB 21ms
21ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 39072
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGVP7R447VEKKSNT9QX3JPVZ-fra
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830beaf3fe6b1c1e-FRA

GET
H2 200 vue.global.prod.js Show response
unpkg.com/vue@3.2.26/dist/ Frame A25D 124 KB
48 KB 40ms
24ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@3.2.26/dist/vue.global.prod.js

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mkt/heho-post_marquee/0-heho.com.tw/ccde6a5c-eafd-43c1-bb79-4f04bd66acfe/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea457f0a12915cc9612ecc2a0c085b16c5cf8af109f1be1c7fcc358a9d52fbc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2255589
last-modified: Sun, 12 Dec 2021 07:02:30 GMT
fly-request-id: 01HESMD1CY2PKC404QF1TSQ4WP-fra
server: cloudflare
etag: W/"1f036-LNt2RAJtpQz3fWavx+ri3EDtwx0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830beaf40b50bbc7-FRA

GET
H2 200 ox-ra.html Show response
ml.oxra.com.tw/ox/mkt/ Frame 3C8F 4 KB
1 KB 268ms
260ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/ox-ra.html
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8c089632f2472d720775d3f5d81306f073905aded8a9a2ce493a4c516984c5f5

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 05 Dec 2023 11:23:34 GMT
etag: W/"638da8a3-fe6"
last-modified: Mon, 05 Dec 2022 08:15:31 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 403 / Show response
json.geoiplookup.io/ 109 B
611 B 89ms
47ms Fetch
application/json 2606:4700:3037::ac43:8652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:8652 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Octolus

Resource Hash

334e702012cf0d8dfdbcfe2a9ff9e70032ca59cad3573f01454a3e1706131f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Octolus
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4BS4GFZYM73H0jVqFMR%2F7BWQG24GsIVPNVhKvB3%2B%2BxWmcJ3MeVAQ0W4LD2bexXH9P0%2FPErR66spm0AyiH3uw7fz2onlwBSxu8M5Sn2AJ5C%2B8RB0H8S1DQ1tKalCEqwqFvhoGJjjd2pdeGw9Jrusz1Rq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 830beaf37d122c7b-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK heho_tw.js Show response
api.popin.cc/searchbox/ 296 KB
53 KB 1065ms
523ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/heho_tw.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-infinite-sdk-heho.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6ad6b8b2dd661ae7182bde4de0a90cdfb0d06d3451102d5d5137c340c2b70a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:23:34 GMT
x-amz-version-id: 5Mh7ixb3Dd5l1mG.ChAdgvhTx58c73G3
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 23 Nov 2023 06:41:17 GMT
Server: nginx
ETag: W/"ac4ecf4b2ad220e41579a6ee2a1ad580"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2023 12:23:34 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E935 0
16 B 16ms
16ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&adk=1812271804&adf=3025194257&lmt=1701774902&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x810_r&format=0x0&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775414280&bpp=2&bdt=1834&idt=2&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120%2C1050x120&nras=1&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=85

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 heho-ml-popup Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-43/page-heho.com.tw/f2bdf273-3bca-49f3-96dd-f783dcd9e704/heho.com.tw/ 3 KB
1 KB 410ms
292ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-43/page-heho.com.tw/f2bdf273-3bca-49f3-96dd-f783dcd9e704/heho.com.tw/heho-ml-popup
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22bd7cf3246f1ba3c6875d4099495f7915382811d89d27f1925a9fba8078b730

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
etag: W/"b19-+muyr6afGDU6FZsD8sRd8NRQW2s"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization

GET
H2 200 heho-ml-floating Show response
ml.oxra.com.tw/ra/mktadv2/mkt-api-37/page-heho.com.tw/f2bdf273-3bca-49f3-96dd-f783dcd9e704/heho.com.tw/ 2 KB
1 KB 410ms
291ms Fetch
application/json 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktadv2/mkt-api-37/page-heho.com.tw/f2bdf273-3bca-49f3-96dd-f783dcd9e704/heho.com.tw/heho-ml-floating
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b91a5d0c93ab9e0c055f1e0d6ff22688984670591f4853b000454b703fb2fcb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
etag: W/"702-Gr6mXTh/fPlvyRdLGdfipEDo0rA"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://heho.com.tw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization

POST
H2 200 do_add
oxra.com.tw/sys/pv/ 0
0 250ms
249ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sys/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Tue, 05 Dec 2023 11:23:35 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

OPTIONS
H2 200 do_add
oxra.com.tw/sys/pv/ Frame 0
0 758ms
254ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sys/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:35 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 70EE 14 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:57:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 11:23:34 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 70EE 225 B
355 B 29ms
8ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:32:33 GMT
x-content-type-options: nosniff
server: cafe
age: 24661
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Wed, 06 Dec 2023 04:32:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 70EE 2 KB
903 B 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 70EE 24 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:59:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 70EE 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 70EE 20 KB
9 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 70EE 0
0 17ms
17ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqTzeY9ZqEG2SaJ34P60-OS1dQqBeJNoTG8u7PHmZSUcW5pjA-jI4RmvvhsnNaYgTcFjOlvJze6Ht_CshOZV3hDzuHiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 70EE 202 KB
64 KB 87ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:34 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 70EE 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H3 200 chunk.slider.js Show response
heho.com.tw/wp-content/themes/flatsome/assets/js/ 49 KB
13 KB 346ms
346ms Script
application/javascript 34.149.230.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/flatsome.js?ver=be4456ec53c49e21f6f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.230.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.230.149.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bec887feaec684bbc55998c457617df16605234f032386cd8068ad2dc8964a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 27 Nov 2023 08:14:20 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13382
expires: max-age=2592000, public

GET
H3

200

1701766241.7663.png
img.heho.com.tw/wp-content/uploads/2023/12/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png
https://img.heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png

273 KB
274 KB

24ms
24ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0ff9a32cefd5253e343aa3a1a9772513d60ae479e41ea5dfa0462e4aa31f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4980
alt-svc: h3=":443"; ma=86400
content-length: 279586
last-modified: Tue, 05 Dec 2023 08:50:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=214kvmONef0U9aNYAYjEX4C53jvbRKhDCNmzWZhp%2BmlqALsJP48%2FS9KyzAUxCFGqHy2j5lzC1aq6RhLMCQ6eJBxElXrYRir0TG8pdH1NQ9F6cqqgEFdeUZhNRqZhwwGt9524z1PqJDOcr5l5PFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf69cfec2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/12/1701766241.7663.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1701769278.7487.jpg
img.heho.com.tw/wp-content/uploads/2023/12/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg
https://img.heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg

131 KB
132 KB

749ms
749ms

Image
image/jpeg

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51517aa1e842c8fa674210dabc693b435db2d5edcacf311a67e95abd4a040600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 134449
last-modified: Tue, 05 Dec 2023 09:41:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPYZN4Zu33Wj6mhinunZ180%2BPSJPmmEliprDxOnvnHjoFrNN4sFEF3BGNNDSbKaWozih010lQYd2J6WujW5HX0wCtDzQkzoOTK94dAQOfr3wGDoEV5%2FkhPsO9xiTS2R%2BfRfkYR7lCwo9Wnf7wQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf69d01c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1701763566.3471.png
img.heho.com.tw/wp-content/uploads/2023/12/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png
https://img.heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png

264 KB
264 KB

1068ms
1068ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e20339f5886b36f7afffb514bce1173794d5f6a4dd37aa45929d62614f9aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 270071
last-modified: Tue, 05 Dec 2023 08:06:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buMIIzffrXEAfC%2FgH0Krd2QpXBPfOqYUIXrTbucQa5J7ws%2FgFhbT8UE7pAwWCrbGDUVqMc%2B7iKgKXrBUJpzt%2BOkQ5SAFNruBu11o6m21jxKYhX8PawZyRn1W%2Bft79CwoJgWIkOGwlCkLosA5wy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf69cfdc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/12/1701763566.3471.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1701763943.9322.png
img.heho.com.tw/wp-content/uploads/2023/12/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png
https://img.heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png

217 KB
217 KB

1055ms
1055ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9647322801c526092a1912ecd4836fc639e4be4f40dda05e83a9811223fb1747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 221718
last-modified: Tue, 05 Dec 2023 08:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krwrXar22SF5Yhi6tcu7TRli7EUk7rBPcT56cusHMIA45WllH0K6SrqOi%2B6VZQVTeRfFYRurIF%2BijrAix%2B7Mund6cjfVkb3pWY1amgHW0rqRxMLWIp3ESlltFi361dh%2FRRRvDAj4VHgrw8Jb7OQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf69cffc2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1697531486.0167.png
img.heho.com.tw/wp-content/uploads/2023/10/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png

142 KB
143 KB

679ms
679ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaa699bffde59485dd19fa60a333645a0e56425bf560e2c42b54938bbb286687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 145916
last-modified: Tue, 17 Oct 2023 08:31:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGoMKjLaI9CrtzhQEkNgg1TZAXsu%2FQXFcRa317p%2Bv9Q6R9t63xf%2B4oDjav2nRxem1TRlCBzS9An78p21HFOyJIE%2FXWfwJ16WZEo5Isrzp76ggShBbK9Ew0H%2FAe5YrSmzHTHAQRql1dy9ZrEmZCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf6ad32c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/10/1697531486.0167.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1688032217.0993.png
img.heho.com.tw/wp-content/uploads/2023/06/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png

162 KB
162 KB

645ms
645ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589ee426ccb7b86d8643b16efc0acbd99cb9590e1237cbbb694eba36efac28e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 165376
last-modified: Thu, 29 Jun 2023 09:50:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtYynGgrCZ0AfaazZgckzFa2c9TqdCywlWBnfPpOH8g6WlG0LoWIn3L81rMYpk9%2Fc2e1rRi0n34Wqz1Wfjlp9rhLOITK4U%2Bgn3qwP3zLC8phNVZPQHtcLLVxKwSyoW3FyxvD2DYl%2B9aZnyHMJho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf69d03c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/06/1688032217.0993.png
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1685591982.4705.png
img.heho.com.tw/wp-content/uploads/2023/06/ 143 KB
144 KB 21ms
21ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/06/1685591982.4705.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 146514
last-modified: Thu, 01 Jun 2023 03:59:47 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUJFA0Xyu9DdlQsLd%2FfXaT1FtyJwTEsbJx6HodnP1xsFEL1bRgq%2Bc6a2nfq9uUT6LUhpoS608nBjKcvKXZPNw9Pz7fbVKqEh3M0H9aVTTfxGv8TD3GUfA2ihzFGEdZR%2BvtPr0wOzJWt3bEDQ%2F3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf4db0bc2fa-VIE
expires: max-age=2592000, public

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EA2D 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E9A9 14 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:57:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 11:23:34 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame E9A9 225 B
283 B 10ms
7ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:32:33 GMT
x-content-type-options: nosniff
server: cafe
age: 24661
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Wed, 06 Dec 2023 04:32:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame E9A9 2 KB
822 B 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:06 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame E9A9 24 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:59:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59045
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:59:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame E9A9 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame E9A9 20 KB
8 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E9A9 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb223iUG3X3CU1QcKThH8fYQF3G1YSd5CMOT9-f11rwTzFzt6HPRnFfjd_CrN0aimhk1IrinvASzSttI92erTt40cjDA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9A9 202 KB
64 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:34 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame E9A9 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H2 200 12992671751122970293
tpc.googlesyndication.com/simgad/ Frame 70EE 12 KB
12 KB 12ms
9ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12992671751122970293?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4754496c3c8815466b4d36b59ab990ffeb3cfd2d4e4018371c1c83c8eced8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:20:26 GMT
x-content-type-options: nosniff
age: 18188
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12045
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 10:56:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 06:20:26 GMT

GET
DATA 200
OK truncated
/ Frame 70EE 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 70EE 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 70EE 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ Frame A25D 4 KB
4 KB 17ms
16ms Image
image/gif 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 624170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3208
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0krDTrYOLab6MrOUdmXa92OusDtHV9Owrz%2FbJaFMDxdty%2FCHA3wMdEFCwnK0aJsX4StJkbLI%2BgYwNN8GGTBKMToSVctDbtz155YyJSpQn62ddylWaBIpbZxRG%2B8HuiWos6Ydv7PbW%2FF0PdDTfgaR6SiS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 830beaf51e1cbb47-FRA
expires: Sun, 24 Nov 2024 11:23:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6581 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2079297147994959179
tpc.googlesyndication.com/simgad/ Frame E9A9 12 KB
12 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2079297147994959179?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b7b7baea916d512ae52ef684436b05c330805445aea9f63ec5f3cf92f5db553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:46:18 GMT
x-content-type-options: nosniff
age: 326236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 10:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 16:46:18 GMT

GET
DATA 200
OK truncated
/ Frame E9A9 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E9A9 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E9A9 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 70EE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9902d51604cb1357c33eb19b474d3a0afddd94fb5d10fb0bcd122885e31610d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame EA2D 0
104 B 108ms
69ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHZHZF2q3MNQGigbJdNytwU&google_cver=1&google_push=AXcoOmSU2KjHf7MuFxfjeJ9-_Koj12oRVoNWyGRekFOUR9VtFJxkWaqrPJDy6esbi6lWLNVndOavZIx1ixeHSt6-IYnUj31YiK4dikJ3Z2ruO4gY0opEYT9YKa-PAL7n7alH5H8IbQPvCXxlbeC_noT_FykauvM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EA2D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmU...

43 B
445 B

172ms
163ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830beaf6dfec5c5c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 5238
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFHVz72P4ogEZPwoDF3tIk4&google_cver=1&google_push=AXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR0wUhJzN_yPVU6CuP4q7r2wMp0zngO79hiH4cXl92jB9HXCM-nATV1qOwYG64raWGduO3IsX4xcIlr574Gz4U5cTq2BmUPn4S4m5UDh3sd7XHIoQTMuU65JdGTD-R8YwZ4r131HY_sF7tobpYjm-eQX6g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830beaf5af015c5c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA2D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGduMcpbV7UWnWyprrsDLLw&google_push=AXcoOmRkg3oWycE_29oNBxzhsnOmkwn5o5zYJT5WKhZXkGPspIv--81lUH...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGduMcpbV7UWnWyprrsDLLw&google_push=AXcoOmRkg3oWycE_29oNBxzhsnOmkwn5o5zYJT5WKhZXkGPspIv--81lUH_AW2yjRY-LAbRCyrQUWhEwSbU232AUaR-c8r8Bwretj2bYOcfmuoMRm4IKzWt29_dut143z6DIwKu1iSnzPv-X0xP-a6VTMVn3iio

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701775415.664092,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGduMcpbV7UWnWyprrsDLLw&google_push=AXcoOmRkg3oWycE_29oNBxzhsnOmkwn5o5zYJT5WKhZXkGPspIv--81lUH_AW2yjRY-LAbRCyrQUWhEwSbU232AUaR-c8r8Bwretj2bYOcfmuoMRm4IKzWt29_dut143z6DIwKu1iSnzPv-X0xP-a6VTMVn3iio
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EA2D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECxaZisR6s0PxX2zbNO7xcU&google_cver=1&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1FVRGkiNVTYkoE3x...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=00F6FD5F525448EA9EFC281423DC58B6&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1...

170 B
329 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=00F6FD5F525448EA9EFC281423DC58B6&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1FVRGkiNVTYkoE3xAAncKEG5gilTwiy6wSXUExCtQO-2tRYhTYA_DjWW4fmLdZWCBDYuE1hg

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 11:23:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=00F6FD5F525448EA9EFC281423DC58B6&google_push=AXcoOmSJhcS1gzpQLWgzsi_gnqrYowXWJ0RNPrYmnuydyj7Uf0VDE24dZGDUxLBEU_dnV6uyf40Z89ha_ediiL1FVRGkiNVTYkoE3xAAncKEG5gilTwiy6wSXUExCtQO-2tRYhTYA_DjWW4fmLdZWCBDYuE1hg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 11:23:34 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame EA2D 0
98 B 42ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQrZ0r6BgU6lscYsCCKSrkOp4iAHpxcSPZmGU_rUeHad-V9XcrA_dUUKmwP-5cV0ukC0HJLZBg5CWQRwKEQwUYVuYFyv48C2pUl3ks8NIO3d8WmBFa6iUYdufCurIXOlFhKcKK1ptuVywQyPH9-7xjeEa8&google_gid=CAESEOzLFKdoaZnjnEaxVnI8Qsk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6373451281&adk=1258054526&adf=1252774615&pi=t.ma~as.6373451281&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413372&bpp=1&bdt=926&idt=277&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120%2C1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=3655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA2D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEtDQ7bju7nGfFrS9g5inyo&google_cver=1&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJX...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJXsbQPqXImJRSXkk3f4pa7K4W2CrKFuO-FVQvkjN...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJXsbQPqXImJRSXkk3f4pa7K4W2CrKFuO-FVQvkjNhcjq_zY4CnMNlwNwkljVMLL3Gw&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 11:23:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmSpmtJRtaANu6OVc9oKTi7SQ072Tzcdb8jf9U9CK0YPLEsXviQzYYHVxCOYhQfT_aZ1Q849BnaMbbYeVsNuzZlJXsbQPqXImJRSXkk3f4pa7K4W2CrKFuO-FVQvkjNhcjq_zY4CnMNlwNwkljVMLL3Gw&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EA2D 43 B
363 B 42ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRYnpn_JQK34hAC1DcIhzYTueFVNoP9sYTYTohSlPfVI9Bv_f4rjEAm-70YtZhxX8zfQlmOC-nU72QxiVNMTQOW_QSyPCM9iQYX_VyuNEu-3-yIagT84iNLHOBaC-Y7rTcWNxWWFFpITIMscMdO_5Yh9dw&google_gid=CAESEP09AuBxdTM2J2LFikb9qHY&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 165299
expires: Tue, 05 Dec 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EA2D 0
139 B 40ms
15ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOn-K7Bl0kZImBAt-4Yxd9hKDaqy7zhyyYisrw3rIEMQ8GY1hi13q8Q11GdcaEJIcpa8mo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E9A9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c03210b34da6c0fd9e907f208b17de8dbba8e28936834509251398205dca158f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6581 0
103 B 85ms
69ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGnVTKb1-GmQpmO1cNaG2As&google_cver=1&google_push=AXcoOmSVIuY3VgTrKSWcKectBPQSaFNdtMh0YQL8Ug0J5lySLNceNvuLeyx-zDjF08YSE4h8PM1K9rdHSgIl9rV0K5aSkIMhTrX2mpP9x4l3oZB4B3Oy7INswBqR65U9TCmb9pZrNnimeyjIYhBkI6dtB_2VHIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6581
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX8Rk-mXphLikJH_QOHr-xA-IPcrKr00ZAW4-10S1d_K-Wf_baysJ-iHxOp6KzyLTAKyhLaCl2bxSxE4ajrfu5tWBt3bGIg4CActmPw4qjgzS-TKX0

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 11:23:33 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESEERUXDSjaesZjN1-PMO32pM&google_cver=1&google_push=AXcoOmQPwnWwguPqh3rPdE0ob7Y6E-9DAo2s7lMZyiKaPzX8Rk-mXphLikJH_QOHr-xA-IPcrKr00ZAW4-10S1d_K-Wf_baysJ-iHxOp6KzyLTAKyhLaCl2bxSxE4ajrfu5tWBt3bGIg4CActmPw4qjgzS-TKX0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6581
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH5Tpc19T443q42Inqud_sg&google_push=AXcoOmR8ZGkOX4GZKm0Z1sow-Fwb-TTvNZSOdvpigpMwCFE94VX1CjrTOm...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH5Tpc19T443q42Inqud_sg&google_push=AXcoOmR8ZGkOX4GZKm0Z1sow-Fwb-TTvNZSOdvpigpMwCFE94VX1CjrTOmXd780OI3qQrzznfQcSjhOV9YL4rIRtCB5PhNml0GYSVnT2zyAmAhB6t4n1evYp_BjxWts972OolsXglWoCN9VFRDtHV6tKHEfpfA

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701775415.664066,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEH5Tpc19T443q42Inqud_sg&google_push=AXcoOmR8ZGkOX4GZKm0Z1sow-Fwb-TTvNZSOdvpigpMwCFE94VX1CjrTOmXd780OI3qQrzznfQcSjhOV9YL4rIRtCB5PhNml0GYSVnT2zyAmAhB6t4n1evYp_BjxWts972OolsXglWoCN9VFRDtHV6tKHEfpfA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6581 70 B
149 B 104ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIEtSpZxLTSD0HzTYYexe0w&google_cver=1&google_push=AXcoOmSW5EkswNhaje5_vBUeXS2oSfUgWunk0A4CVum7uE0gK6O6_fxxBLjptY_qRTlsj7Yp-_7UrbYSIgSrsQBoJ5nfqSLDhOs0Gli8BLuejsO34r6JIU6cNcRLE4BUqm5HItTRqgeg78IpUkDb40EXR5Kkt_Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6581
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKsmhKezhtBFTm_Hpi0RQqA&google_cver=1&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhU...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=52cdAr9YR-Aa9n8-otR0qA&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhUiyhy9u8PT18-FuY...

170 B
232 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=52cdAr9YR-Aa9n8-otR0qA&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhUiyhy9u8PT18-FuYw9b_3Ckl8tEqHR4qeNu0EYYOa74eZGet-bX2qDSjczVr7sZbmsGfGn8g

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=52cdAr9YR-Aa9n8-otR0qA&google_push=AXcoOmSUAWyaEnwdKbGg9ujDej0LhPOCPXDsMp5kfhxyCohl9hVkhrXLU9cXTF5HvqGLSJA_01oLPEgTYqaKUxhUiyhy9u8PT18-FuYw9b_3Ckl8tEqHR4qeNu0EYYOa74eZGet-bX2qDSjczVr7sZbmsGfGn8g
x-host: tde-deliveryengine-production-6987bbc57b-zl7kt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 6581 43 B
146 B 27ms
7ms Image
image/gif 52.29.184.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKzO_wfZzIaIDu_AmYkO12Q&google_cver=1&google_push=AXcoOmThgHsw1uEoXSUkC5LaQoa5O4sX5hSYSRqpL0_aZyCEQEBF7WH9QsmiyVnU_Z6H9NO0ip1477zLUiaqiXnmkOd0BgGZzaBrZfTDCeGHyHLGv21_ixct282aPs3ctQdxcQml_ttq484VblufXtuaakrKlCk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=5043471010&adk=938037319&adf=3625147739&pi=t.ma~as.5043471010&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413369&bpp=2&bdt=923&idt=259&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=2575750184408&frm=20&pv=2&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.184.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

report
sync.teads.tv/um/ Frame 6581
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELDhfl0kORr7...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmROW1WqcquX3fltx6hFSysBMSTP9Jh1xZBjvEDOjMO9zEgsAbZd6ZBcFic9bhZSjAq4_lnfINFoqA4zzjZOlxnse0QNt_u1R2AJcPSNQfzqznoNs...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

32ms
32ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:23:34 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6581 0
40 B 17ms
16ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iydl7vv83K808elauGNtqfacP1BO-QH7KYG7_m1RsUQK7E-JBLxNjSWcM-Y_QiKsOvTCRRhg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 70EE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8xi5NQhvZZr5LPCz5LcP_Kaj2Avu7MzQdOaguJySEmQQASCil8tqYJWKnYKsB6AB0_z21QPIAQmpAhjmkzYQMrI-qAMByAPLBKoEgQJP0GYT3LZG99OI40GSEBJuc9GfJbp_IZuqGOQT0ne...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213039997821905874203%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%222...

0
0

42ms
41ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213039997821905874203%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215711471048423491121%22}&andc=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13039997821905874203","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"15711471048423491121"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:23:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 11:23:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13039997821905874203","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"15711471048423491121"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 70EE 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 483703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:51 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame C316 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 08:13:30 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
42ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 11:23:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E9A9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CB8siNQhvZamJLKaC5LcP8MWakAXu7MzQdOaguJySEmQQASCil8tqYJWKnYKsB6AB0_z21QPIAQmpAiEo4kwCLLI-qAMByAPLBKoE9QFP0FUifZIdNayglqL82oTdbUcivsz5Z3rRb63GtFd...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213540462234137105182%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%222...

0
0

42ms
42ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213540462234137105182%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212694921674492077969%22}&andc=true

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13540462234137105182","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"12694921674492077969"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:23:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 11:23:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13540462234137105182","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"12694921674492077969"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E9A9 33 KB
33 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 483703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:51 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 98F6 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 08:13:30 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 003C 35 KB
20 KB 65ms
65ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf259e3a82cb642feed954fd8e370352a706318c4867e238d981caddd5481512

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfH-N0mAAAAAFbl_1iN5mLWRSOGn_wdfGEDt4cE&co=aHR0cHM6Ly9oZWhvLmNvbS50dzo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=obizamieey72
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 11:23:34 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 11:23:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/ Frame F72E 0
0

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/ Frame 6A92 0
0

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/ Frame 4A42 0
0

GET heho.com.tw
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/ Frame 7342 0
0

OPTIONS
H2 200 do_add
oxra.com.tw/sl/pv/ Frame 0
0 379ms
254ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:35 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

POST
H2 200 do_add
oxra.com.tw/sl/pv/ 0
0 249ms
248ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Tue, 05 Dec 2023 11:23:35 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

GET
H3

200

1699839115.979.png
img.heho.com.tw/wp-content/uploads/2023/11/
Redirect Chain

https://heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png

9 KB
10 KB

21ms
20ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3444723e0dd36e3099deb59133ba82203985f1eba230a07e7ce8eb43b1e1f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 456043
alt-svc: h3=":443"; ma=86400
content-length: 9491
last-modified: Mon, 13 Nov 2023 01:31:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbGydwFbodDnKhJpOfBVtxOrw0T9lbbP4hObICndJBA4k24lfoFGpO6A2y0pXXl2HYwUhdQAcETzvsR79dcjIgURTmz5hWp7cHGcPi4bLZroSVTCu2xZlkRpZd%2FpXbHUQugW1O9jOWjG%2F5hhLxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf8af26c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2023/11/1699839115.979.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
content-type: text/html; charset=iso-8859-1

OPTIONS
H2 200 do_add
oxra.com.tw/sl/pv/ Frame 0
0 378ms
255ms Preflight
text/html 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://heho.com.tw
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://heho.com.tw
allow: POST
content-length: 4
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:35 GMT
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
server: nginx
vary: Accept-Encoding

POST
H2 200 do_add
oxra.com.tw/sl/pv/ 0
0 249ms
249ms Fetch 61.219.68.119
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://oxra.com.tw/sl/pv/do_add
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-global.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.219.68.119 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-219-68-119.hinet-ip.hinet.net
Software: nginx /
Resource Hash

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://heho.com.tw
date: Tue, 05 Dec 2023 11:23:35 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Content-Type, Authorization
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, OPTIONS

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FA4B 624 B
242 B 48ms
48ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGL27s_wBMAE&v=APEucNWYZCDMUVJEDfzquRHprLWX1yu7TLfkxZewONaXajhW-GM_03cP8bGf0u5tm0Gko-D7vSjzuhspyl71PDH1JRK_Q_OtDC5ZH7SpjYblBgETCuuqu533-dwchzvL-RvvGBuCIQDq7vPZ0NneOJsty7q3vLhx_u0MHZ_AQoVeeBOteQKgKNI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame D7C5 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:32:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:32:19 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame D7C5 7 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 20:43:07 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D7C5 0
0 83ms
53ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuJl80JA-_xIWW88SalXNIHvM3XpSuFhdXxdelygDrSIHbyqcuON2xi2GlnmNiME1GFEKcQWdIhuaDkDfDQbbbT5Bg65XHYoWHlzCzRXI0Lx5wMcIj8e4jAF-8UmoLU8_-bTjeCMpuRclX7iTkOJpUGiC_SiFaK09RUcdfvGXrtvGb_LVUDHtfLrzSnwVyE7wSlsvQFtpvPRIBb6tlJ-Fg1RIVSwPgVjwWLAx7Y2HafMklLruWj61y7b-sqBYO2CB43MlGeWz5KcitFdi6qReo2b1nKZYRg5_-KqpEpiFcacXvwUlfmhKbgWbtkNSeFqwJ3pw8dYph2GauQt6Rq0u7IOoSBoRM06NY5eImb7NYos5bZ2Yubd68k9Ef1-oTd4ZhX4f8n2Ik4d6tuUi7jeIiferomSXuMF7-DhZRDLAxRommmCQ1O24jxA5L1BQYxABjc9spPMzeG1ElL7oNvBp6igagGYOcKhNFrCy0n5Z_uFX1o2DJm830u5yxbOtLeMef0Ro5eejvMCfNdaBzWjKxz4_8mjcACY_GTXQGjQhERtUECHVxshWR0B6OT60Rx60bLKeFn0RQlZgARhLeo2n7IInoITkF7EX2WrWt99jq2_RwdVcuw2P457VNxtg5EeD_PpmaE4pM0Gi8aSoH7VqZYxOp7wR7VuHfpD0CUZTV_weNNB-4hljM42Q1iAjj_s3L8V85aeRwTvmzBX8EGG7KBdJYGtKDFK0VeHo2G8URE3roqCOZz0NEYl_COpdtZMrDa1W3Pji9DUoeOXsgTWtHe2OWfoWiiWZL2UOVB9jEr7Er7I7QDTmUeGU-eEjv5wtPtn2_r9UGTqT4MG865_ZMsQR7wBwUySCh2vOzAcSfiEjlvoTpFCaw-le1yTFGXj1pEfl3Zsg1KwzezygRdRx1zaxq0WWTJzGi1PCZVUioW-MuW72FJVo1k3Uv8_KmdKoxJBzRnrPG1FbPKqyaGXXI8h5FAAPm46eZXJ0I0ImavoCgRfmmsxvrVlMwStfxnkq7RQ7sxGNKUkXjk1maCTL7dKbIe8cm3FiLLRLqYCWnYFGhbHPEQqQWGPT7g2EirFwS-ZqDCVJSCurzxyr9xClfBEoPbJ7Ddvu9akeiyLiJdoeYhxmTWNoPiqca246gc2Ukvy3uqkSbZn12IW8C4fX-bu7rUJaARGrGGx3uiBoLFzK3p0572laPORj0XH6k_WwrU3Ova6sTzR9Q5LxmemAD5NBk55mLV_HPj6MjVynf1xlCCkQxHte5R2ccXIU-LL8x018GRi8KXMQ7CHohDKrvz8dve74DAWZ0yCfc9NYU6V-NUJedpGIyI05gCoTYP7qnfxaog9486A5xjvB-GM8r1N8TC4zNfPhxj1fd4zz_EVKc_pLQOoPWNjoMsxcF_5kCU1v_IJYUXByKTMlJRzcKVmr-AihdVnI-dStOhiAY5y13cqFNpRh9bo1ya-92ZpjU7ZQ&sai=AMfl-YRX-36ODvQDOSFDmRHuU9Fu_-xjprMhJAGoERcnQhqcZNkqOOZAHQHzKWEFPNwKH6TKFwsDFsL096wOLVlQ8fV83HALmYCKj-weF_Q3_NNekNdmi1_2E9FdB9mUlRdfk5p0QOAAWSaUeF1XHzC6UTVTTATeQK94MoCvfAGnXAzRXMASxVRqnjGS7X2ODjsioAMy7ShVCYtVwcfriu_UjAKATKzg8lOH3KZSLMOE21ohXmPamcup8v6rWRdsXFdXBpb2IoCa4NVUOf-K7TQHbAxC4bFRymnwOKtDwkWlshcZF-NQtISlhOzglRP_iTVcgHWWDzn3EBJB5kDdwc0rahPJrZejhDm687ApNymHg-HXZspNxxoXJZ0v13fP3etx5IaET6AdkYn9x98NRGKa2FIxLztgBR2Q_9Lkh2VG&sig=Cg0ArKJSzNGHlZQ134YkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ib290LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231130.02999&arae=0&ftch=1&adurl=

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 11:23:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D7C5 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame D7C5 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:00:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1335 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Tue, 05 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame D7C5 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7C5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWP20KtKGHG8UCurNNSKqRb5V4ryXpMGedk1Lcm-AuPRUpbRNECX-op5xg4Y624WYRZ3j4MGCC9HvtsycBmQlgO6QxrA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7C5 202 KB
64 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 11:23:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7C5 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLxPxXNE5lhGvBPzlzKahO4HiUidMUtqEnMS61-Y8nSZbW4rMPMsEPv8jtJOhUBI08PHFg2s4_C_8T3XezVZd3zujJAZCvAeGuuIoYDGyaaDJv-oM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5988192678831057147
s0.2mdn.net/simgad/ Frame D7C5 75 KB
75 KB 29ms
8ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5988192678831057147

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18acdddfbda216420afff69425e62008f9247a3edc35bcad0e233c23bee68ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:16:59 GMT
x-content-type-options: nosniff
age: 47195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76574
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 14:23:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:16:59 GMT

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/ Frame 3690 7 KB
3 KB 284ms
283ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d740ccea2020d7d2b8985f1d3d8bab30f507805d20d931cb0a7d8d4438bc2189

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:35 GMT
etag: W/"1c56-0j1w865/KgtuffqCXoK56x5MNYU"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 heho.com.tw Show response
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/ Frame 4800 7 KB
3 KB 283ms
282ms Document
text/html 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/wp-content/themes/flatsome/assets/js/chunk.slider.js?ver=3.18.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 21440e9e93d3e4d7bd0cbaae96c74e8630e3a92dca888225fd091cb0d930f034

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, OPTIONS
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 11:23:35 GMT
etag: W/"1c77-SY90Q8Fyy5dpr8584umaCGSrEjQ"
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FA4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1&C=1

43 B
337 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGL27s_wBMAE&v=APEucNWYZCDMUVJEDfzquRHprLWX1yu7TLfkxZewONaXajhW-GM_03cP8bGf0u5tm0Gko-D7vSjzuhspyl71PDH1JRK_Q_OtDC5ZH7SpjYblBgETCuuqu533-dwchzvL-RvvGBuCIQDq7vPZ0NneOJsty7q3vLhx_u0MHZ_AQoVeeBOteQKgKNI
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSDSY2xdT2zL1f9zA7gQe%2F90cakXnmqSamF0eoNvuVHsiYs0NLnqyJlLhoiyFWnvIavOLeuWMMpoQ7PGO3xQjb6fZZ%2F%2BqW6HdHgS850tmK0715XZZjtCuLkp0RrhRU%2Bu5tmerfupUWF0Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830beaf81bfd5d50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGqaWpQu7%2FwnEhnhLuaAoL%2B1ceZ3jyhO4V9QOiXwwmf32QRfJdZ2Ln63Tj0eGuBL0kBWCqZRMEVj8t0ynL5Tp1ED7qIwmYJcItix4%2BTUOTW26yAULrA%2Fgt1j6jQYZHH8dFJEhHUYU6e5Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1&C=1
cache-control: no-cache
cf-ray: 830beaf7ebc75d50-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FA4B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW8IN7l9vzoInHqKEDIFqQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1

43 B
770 B

22ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGL27s_wBMAE&v=APEucNWYZCDMUVJEDfzquRHprLWX1yu7TLfkxZewONaXajhW-GM_03cP8bGf0u5tm0Gko-D7vSjzuhspyl71PDH1JRK_Q_OtDC5ZH7SpjYblBgETCuuqu533-dwchzvL-RvvGBuCIQDq7vPZ0NneOJsty7q3vLhx_u0MHZ_AQoVeeBOteQKgKNI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FpRpT%2B2XH0Ruwivsj%2Fi9z5L3aZkfXY7tBTcCPBWuIJsdPLVdQMiJk5AnE9FriO%2Fs88vKzNXInHdSPmYfaHNQZhE8Cu172ojeHhWP1FUlca4AJRUwIF7tqdBnS8irhab%2BxTUdqpstjS8bA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830beaf85d022ba9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECSJNuNYUnlAAeyANpQsSHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame FA4B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPgLWDiybRHMgOLra2p8dwI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPgLWDiybRHMgOLra2p8dwI%26google_cver%3D1

43 B
885 B

17ms
17ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPgLWDiybRHMgOLra2p8dwI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMihxfQDEJCx_YAEGL27s_wBMAE&v=APEucNWYZCDMUVJEDfzquRHprLWX1yu7TLfkxZewONaXajhW-GM_03cP8bGf0u5tm0Gko-D7vSjzuhspyl71PDH1JRK_Q_OtDC5ZH7SpjYblBgETCuuqu533-dwchzvL-RvvGBuCIQDq7vPZ0NneOJsty7q3vLhx_u0MHZ_AQoVeeBOteQKgKNI

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
an-x-request-uuid: ef048b51-0f89-4bd8-b736-14777c7fe046
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
an-x-request-uuid: 3d8cc5df-086b-49a3-8200-7db0ab321dea
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPgLWDiybRHMgOLra2p8dwI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA4B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMjg3NDkzNjg5OTE2NDM0MQ%3D%3D

170 B
188 B

16ms
15ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMjg3NDkzNjg5OTE2NDM0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
an-x-request-uuid: 1cef140b-b08a-4cca-be93-faf5ab790fb2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTcxMjg3NDkzNjg5OTE2NDM0MQ%3D%3D
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 1335 0
103 B 13ms
12ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF9u5s4M4L3dqVrPYAYfIMo&google_cver=1&google_push=AXcoOmRCoaApusVarMVcZXjcNnkOP4iOyAnBdNxWAcX3ha42GgR2IzfyHtriR-uZZ8eDP6hnnO52hr6ScMhQTH-hx-dQw81zIWUQW73F
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1335
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cver=1&google_push=AXcoOmTHNKN0QyYdhcPuR59lT0CCz6BZIPn_hKBmDL767Xi...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cver=1&google_push=AXcoOmTHNKN0QyYdhcPuR59lT0CCz6BZIPn_hKBmDL767Xi5dWoIVJN_LTxB51R33af2aP7Xm7d544Tb3pEL6QB7x3nA9_OxYTTSjiQE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 11:23:34 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TFYwUVJ5SlAxUmF0d3k1&google_gid=CAESED_eoGnrzJbgMzXYeqamx-k&google_cver=1&google_push=AXcoOmTHNKN0QyYdhcPuR59lT0CCz6BZIPn_hKBmDL767Xi5dWoIVJN_LTxB51R33af2aP7Xm7d544Tb3pEL6QB7x3nA9_OxYTTSjiQE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1335
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlc4SU5nQUVxTHFkVHdCZA==&google_gid=CAESEE5dcVKiKMW3wDr2uPqDKhg&google_cver=1&google_push=AXcoOmT8TNauk7gzQds7_9xpUTdWee-h-Z...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlc4SU5nQUVxTHFkVHdCZA==&google_gid=CAESEE5dcVKiKMW3wDr2uPqDKhg&google_cver=1&google_push=AXcoOmT8TNauk7gzQds7_9xpUTdWee-h-Z2ahsBxt9aJAoItG_HXfGt9JPU4hofqyXCrAQcu_PwRfkhlqOnLOWOhgbPBJuYZdm0oPv_3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230023-FRA
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701775415.995737,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wlc4SU5nQUVxTHFkVHdCZA==&google_gid=CAESEE5dcVKiKMW3wDr2uPqDKhg&google_cver=1&google_push=AXcoOmT8TNauk7gzQds7_9xpUTdWee-h-Z2ahsBxt9aJAoItG_HXfGt9JPU4hofqyXCrAQcu_PwRfkhlqOnLOWOhgbPBJuYZdm0oPv_3
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1335 0
187 B 47ms
11ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEVbZJ8F0JRjEtnmTLn20Yc&google_cver=1&google_push=AXcoOmQjj8VXqpALt6ZsRrASSDOsOmv-rrkNjQWDfPTMjlG7XcMXlPfooj03pftSsuMFeCmk_DONObiiSCOkEnXve8UgY-uo_kBQ9Bl6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:34 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1335
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA9gJ-g6GaqN-OQoWaCwnME&google_cver=1&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkRmksjCMJRx&google_hm=eS1oeFMxNTloRTJwRk...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkRmksjCMJRx&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 11:23:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQvRKbHt9ckZsi9XK1-cR0M1tdPj3hS4MEcHA89ITd6VrDXdv2WcYA4sKeH1yuBBqYojawRP5kDl6hxF8QU4MnCjkRmksjCMJRx&google_hm=eS1oeFMxNTloRTJwRkcySU9BdUw1QzRXdjc3N09FWjFDVX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1335
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPkmpbOsWjKs5ZvBDRBJlWk&google_cver=1&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYX...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYXQYDh0b9lBxVsDqpouAWr

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYXQYDh0b9lBxVsDqpouAWr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRKknHXH0piCXwnJrkrzLVAxeDVct1RoZq8gXoEPkpzJwwXRUcTVYQ7A6IzVMRgFiUKe5GJEmB9cGYXQYDh0b9lBxVsDqpouAWr
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 1335
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEET-hFyXUBcH...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRMvq8BQg35CLm6reIAE7fmyNONSwINN0-7c2tJlAHTrHSgKi3Ilfxik417BwaoYl8BEHdnAAMSdwCy8tE1feTDscuVUzAhk6bY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

39ms
39ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 11:23:35 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1335 0
12 B 15ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LEWPHhY4pA3KZAso8nmROho3lOhNhXFtoKjbeI853SypOPB65MtIPH3gEAOTzOdLKWatfWHA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D7C5 0
0 44ms
44ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuJl80JA-_xIWW88SalXNIHvM3XpSuFhdXxdelygDrSIHbyqcuON2xi2GlnmNiME1GFEKcQWdIhuaDkDfDQbbbT5Bg65XHYoWHlzCzRXI0Lx5wMcIj8e4jAF-8UmoLU8_-bTjeCMpuRclX7iTkOJpUGiC_SiFaK09RUcdfvGXrtvGb_LVUDHtfLrzSnwVyE7wSlsvQFtpvPRIBb6tlJ-Fg1RIVSwPgVjwWLAx7Y2HafMklLruWj61y7b-sqBYO2CB43MlGeWz5KcitFdi6qReo2b1nKZYRg5_-KqpEpiFcacXvwUlfmhKbgWbtkNSeFqwJ3pw8dYph2GauQt6Rq0u7IOoSBoRM06NY5eImb7NYos5bZ2Yubd68k9Ef1-oTd4ZhX4f8n2Ik4d6tuUi7jeIiferomSXuMF7-DhZRDLAxRommmCQ1O24jxA5L1BQYxABjc9spPMzeG1ElL7oNvBp6igagGYOcKhNFrCy0n5Z_uFX1o2DJm830u5yxbOtLeMef0Ro5eejvMCfNdaBzWjKxz4_8mjcACY_GTXQGjQhERtUECHVxshWR0B6OT60Rx60bLKeFn0RQlZgARhLeo2n7IInoITkF7EX2WrWt99jq2_RwdVcuw2P457VNxtg5EeD_PpmaE4pM0Gi8aSoH7VqZYxOp7wR7VuHfpD0CUZTV_weNNB-4hljM42Q1iAjj_s3L8V85aeRwTvmzBX8EGG7KBdJYGtKDFK0VeHo2G8URE3roqCOZz0NEYl_COpdtZMrDa1W3Pji9DUoeOXsgTWtHe2OWfoWiiWZL2UOVB9jEr7Er7I7QDTmUeGU-eEjv5wtPtn2_r9UGTqT4MG865_ZMsQR7wBwUySCh2vOzAcSfiEjlvoTpFCaw-le1yTFGXj1pEfl3Zsg1KwzezygRdRx1zaxq0WWTJzGi1PCZVUioW-MuW72FJVo1k3Uv8_KmdKoxJBzRnrPG1FbPKqyaGXXI8h5FAAPm46eZXJ0I0ImavoCgRfmmsxvrVlMwStfxnkq7RQ7sxGNKUkXjk1maCTL7dKbIe8cm3FiLLRLqYCWnYFGhbHPEQqQWGPT7g2EirFwS-ZqDCVJSCurzxyr9xClfBEoPbJ7Ddvu9akeiyLiJdoeYhxmTWNoPiqca246gc2Ukvy3uqkSbZn12IW8C4fX-bu7rUJaARGrGGx3uiBoLFzK3p0572laPORj0XH6k_WwrU3Ova6sTzR9Q5LxmemAD5NBk55mLV_HPj6MjVynf1xlCCkQxHte5R2ccXIU-LL8x018GRi8KXMQ7CHohDKrvz8dve74DAWZ0yCfc9NYU6V-NUJedpGIyI05gCoTYP7qnfxaog9486A5xjvB-GM8r1N8TC4zNfPhxj1fd4zz_EVKc_pLQOoPWNjoMsxcF_5kCU1v_IJYUXByKTMlJRzcKVmr-AihdVnI-dStOhiAY5y13cqFNpRh9bo1ya-92ZpjU7ZQ&sai=AMfl-YRX-36ODvQDOSFDmRHuU9Fu_-xjprMhJAGoERcnQhqcZNkqOOZAHQHzKWEFPNwKH6TKFwsDFsL096wOLVlQ8fV83HALmYCKj-weF_Q3_NNekNdmi1_2E9FdB9mUlRdfk5p0QOAAWSaUeF1XHzC6UTVTTATeQK94MoCvfAGnXAzRXMASxVRqnjGS7X2ODjsioAMy7ShVCYtVwcfriu_UjAKATKzg8lOH3KZSLMOE21ohXmPamcup8v6rWRdsXFdXBpb2IoCa4NVUOf-K7TQHbAxC4bFRymnwOKtDwkWlshcZF-NQtISlhOzglRP_iTVcgHWWDzn3EBJB5kDdwc0rahPJrZejhDm687ApNymHg-HXZspNxxoXJZ0v13fP3etx5IaET6AdkYn9x98NRGKa2FIxLztgBR2Q_9Lkh2VG&sig=Cg0ArKJSzNGHlZQ134YkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ib290LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=51&vt=11&dtpt=50&dett=2&cstd=0&cisv=r20231130.02999&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: heho.com.tw
URL: https://heho.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9E1B 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 09:11:25 GMT
expires: Wed, 04 Dec 2024 09:11:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D7C5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 403c4d504b40910b8913185dc35ecebd3348bc7d2dea88521eb60acf578f28d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9E1B 39 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:33:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E1B 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BmwoDNQhvZaa5LIOVkwPO77ioDgAAAAA4AeAEAg&bg=!2Nul25TNAAY3kmNgF5I7ADQBe5WfOIAKNZ-QZGatM3k4slq_0BXtpbVst0OPr0gcBCJG_syu-osqODyv-RqFtR4XuMsUAgAAADhSAAAAAmgBBwoAbKbuMfoo961hRhmQqhDpl5cDe_O7-g-zvPnU4z6s2NjAkzr3-S05WJCqlccxCA2LHTUQuzBcffTdu1WTDIAd93rshQGLlKs26fRVc6NnjUc42icQ2-YjvAiR0kNc_JPaWdW5h6ppPeD92FRIt5kDA_upEcSa62N5U1I6rDirQPeQKb0MNpqjibKFNaHpofY--H-iA7-VtCefkK-HSWFcFu9OBWNnc7q0fwhgbqKQEj3un22MvsO0LNsMfRPfjwQelh6P6pPDLnWdJ0ONN_kps9quPbMr3TDyFYyjau_7_r8qjx4y6RgnD3aHuJtTcjpmYm0xt1IhoEy6lxftMVd1dVib977u5qBuynLkKRVV6lIXiQlA-i1NQrPZGq3Kp80YAA8nsffOh8PwWzvzHCIkejYNDdCx8lk_6Ghqykzb7Iw1y4X7Wxv_G5NXxeb51g70RCaVqK9cyhTwYUpm_FNGsTp3X32CvSl6lXublixz-sfPvDKoZAs9SNFqM9PPYD-2LoJWlFkZDWz5vmnVC1uK2joA69iBIcbAXMccwDLYz4-tvWT2BMyHHR4YDZQZkFIkOIc4jm7VQvNGYkTFszo0CR4aqMevpwuTyVsjamu6HaTMzXUQed-NANiwjo3F7tqnK3Eh0N6_lu-GT87lQaU0i0lT_8uiPohYqlZ4NbeIf0jitVuzp9YxURM4XsQpXCcDeowQ82cmG14xuWjljswpV6u2utL-MSjcMan-VaTENCBIFscFhm4Lmt50c4jfUKmMIR6FBuKR6KwVfEx3QcBhfz83l6F9WR_iniv_6oM8zt0kxVk1qjIs4yI05ChlpPfeOOvqqGOPE-f5RdToC10LapmlP3dWg0QVrdDwyphRVSnDQGgFaaqvNlIMc_Ogvd_nPEmxCi4KL2nh6ZdWNiss1jmu5pqVGrzjil3iOuMhzYCO52NM9yIYuG01ls2sZNNzooVcVCv8M6y_H5TZL11HDTE8maj7CPMP5sCK33C2hsMWBbyiClrmTSUoKJ2Hrs2aNpOz3AL7SLX4EGORxAheiEqL55X2QGDB5phrY10zp2xE8rih7b6kUhGApOUTuAikDzw6ptmqzI1ubWs3dirW5GLGBPpNAUZeggUZ-NJJD9OQhf8_ai6Wx6QpuM9afps4jt0RCnuy9IllUFravvILS33pbg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5693807149055825&output=html&h=120&slotname=6565022970&adk=1391630597&adf=3324322815&pi=t.ma~as.6565022970&w=1050&fwrn=4&fwrnh=100&lmt=1701774902&rafmt=12&format=1050x120&url=https%3A%2F%2Fheho.com.tw%2F&ea=0&fwr=0&fwrattr=true&rh=120&rw=1050&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701775413371&bpp=1&bdt=925&idt=269&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=1050x120&correlator=2575750184408&frm=20&pv=1&ga_vid=779064493.1701775413&ga_sid=1701775414&ga_hid=2127023872&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2296&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31079825%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=2292558247989896&tmod=682077009&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame 3690 157 KB
24 KB 24ms
24ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 446828
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFHC2CRKSJBHCS91RA9FQM2-fra
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830beaf94ba21c1e-FRA

GET
H2 200 heho-mkt-recml.js Show response
ml.oxra.com.tw/ox/mkt/js/ Frame 3690 9 KB
2 KB 262ms
261ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-recml.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 09:35:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63eca76a-241a"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 1701240171.2928.jpg
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 3690 237 KB
237 KB 592ms
591ms Image
image/jpeg 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701240171.2928.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 242527
last-modified: Wed, 29 Nov 2023 06:42:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64m8%2FjyU6rHW0KATrnHJU659mxViVPNFVEGVNCWX%2B4HWJTYh8obnSyQEJ6acxk%2BWUEcFoyMIDXy9pi3FMchDyznPwXH2EUb6%2BmBkICfb5jAppCcZkdVVP4k8wR99AI5SOVTinhd3c8%2Boeo62xQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf97884c2fa-VIE
expires: max-age=2592000, public

GET
H3 200 1701763943.9322.png
img.heho.com.tw/wp-content/uploads/2023/12/ Frame 3690 217 KB
217 KB 72ms
71ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701763943.9322.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9647322801c526092a1912ecd4836fc639e4be4f40dda05e83a9811223fb1747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 221718
last-modified: Tue, 05 Dec 2023 08:12:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0rmc8W%2BFlw1yMEJUSBz%2FY6T5M%2F4KUlx7byX8Uk414o5c2ctONGmueYU%2FswiC%2BU3%2B62oiM8ddTarLd65FX5pVwbSJ3EoxzHzvMu8mffaisfvtZ78DwML%2F0AXQ4j%2BBOC5bkt2AlGrGycdAGQngHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf97886c2fa-VIE
expires: max-age=2592000, public

GET
H3 200 1701657291.1539.png
img.heho.com.tw/wp-content/uploads/2023/12/ Frame 3690 253 KB
254 KB 23ms
23ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701657291.1539.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13bd5abd3bd40e3f01fb2f34e2434e806cf8dc43b08053fbe7770b40bff5dc57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100174
alt-svc: h3=":443"; ma=86400
content-length: 259531
last-modified: Mon, 04 Dec 2023 02:34:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzdo1EPPUp4Vue5Z8uQbh7iLTRxXB3Jr1Wuzg3tzeXzn4iyyyIA8TXVNNMx2vyQVsEDnQFpBlNqU064zSilBs0dc1ErK%2FYbRgiNlGCdlhsrgv50jj5SZEYI7b6PUn2w1z3vzJVjwwfEzqrkbw4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf97889c2fa-VIE
expires: max-age=2592000, public

GET
H3 200 1701769278.7487.jpg
img.heho.com.tw/wp-content/uploads/2023/12/ Frame 3690 131 KB
132 KB 97ms
96ms Image
image/jpeg 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/12/1701769278.7487.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51517aa1e842c8fa674210dabc693b435db2d5edcacf311a67e95abd4a040600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 134449
last-modified: Tue, 05 Dec 2023 09:41:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=re6jYjW69ObR%2BByMCCM6PFqEu1G%2BqgTsY8zIkpk%2BnlGy2agX6bOYf8bTA6nSPz9V%2FbNwMz0GrPdk%2BZtr7mFggZdUOL%2FO9s5xcaDCN%2BzvQYD1jb7YEWI7GXYXZlj1lpj9ClKtxhnrjRUrIEjPCto%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf9788bc2fa-VIE
expires: max-age=2592000, public

GET
H3

200

1669173726.3519.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 3690
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

12 KB
13 KB

364ms
364ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12748
last-modified: Wed, 23 Nov 2022 03:22:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpReyMH24byvGMQVPhmSL3MD6woz4DDUqFnMWAvglxQ%2BpsB%2FkTVc6MOXeBeyj1Zs70s5r%2Ff5XNDc7IZBWx1rpCoJv1vjA9IhPD3YVi4CgGMrJOoPDP6zEX6qtI9o9U5cA25ZF4X3iaEZgLZ9khU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafb2a35c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1669174009.0122.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 3690
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png

2 KB
2 KB

353ms
353ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd50883e5a14dc60ab697ca8272c575fdaca96c69eb11ff5edc092752520d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1609
last-modified: Wed, 23 Nov 2022 03:26:50 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fmpO1qgBQEap%2FGuZTNVGoOer6eiN7x19WZePm32Zm%2B8PMX1gAp2CRBp29S%2F8LwOlNg9hzYkE%2Bw%2FXkjtl6Dix29t9DwZWHCh6VN58xFw0omc72JL94tF%2BCf6XMSESXvBehwe%2B6qpam8H%2FzB198U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafb2a34c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174009.0122.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/ Frame 3690 5 KB
6 KB 21ms
21ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615895
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0p9VKJaTgykD%2BCG5fiOquVAgZOWAQ71Aczpb6VcvcMkPmwoV%2FiGSwFQ67kdZ3jw%2FCKdHHLo1XaS8yMqgWvX9XyleTzW0h%2Fq7kDZ9buwu%2BjUYDZZO5VY3SDyMMQpBoD7%2BVxDeDZeXzAQG7HI54Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beaf9788dc2fa-VIE
expires: max-age=2592000, public

GET
H3

200

1669176277.7766.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 3690
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

5 KB
6 KB

367ms
367ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5377
last-modified: Wed, 23 Nov 2022 04:04:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgpeKyhwkzxViWz6wwnfiyzw93eHd2xl929ERgX2%2BTeSxUuPccua%2BJktulEPyC3KfbfVD39bn7CJxb6QSYuLnvKo%2FmMxcSCXjxvaYkC%2BiRX%2FFeyyVUJEg1O%2BT3MUCHwjYzal%2FFzqS5H%2FN0WsKxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafb2a31c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@4.5.3/dist/css/ Frame 4800 157 KB
24 KB 19ms
19ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ml.oxra.com.tw/
Origin: https://ml.oxra.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 446828
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFHC2CRKSJBHCS91RA9FQM2-fra
server: cloudflare
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 830beafa1c6b1c1e-FRA

GET
H2 200 heho-mkt-recml.js Show response
ml.oxra.com.tw/ox/mkt/js/ Frame 4800 9 KB
2 KB 262ms
261ms Script
application/javascript 139.162.82.98
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml.oxra.com.tw/ox/mkt/js/heho-mkt-recml.js
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.162.82.98 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1562-98.members.linode.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 09:35:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"63eca76a-241a"
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 1701240171.2928.jpg
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 4800 237 KB
237 KB 586ms
585ms Image
image/jpeg 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701240171.2928.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 242527
last-modified: Wed, 29 Nov 2023 06:42:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8%2FxgHpdvcGyEI0W9Ol%2BVVgbLmXLygEmoQWqDDW92nbUM2OiaPKjUJGzrmcTCmLgLnPiX48EiCs2lG2pPKHzhft7mVZ0w2H4O8qU7uj1fP%2FTixEpxWtgrjOqy4l8ZyL3B67JvVvc5w0nh%2FK5O4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafa3947c2fa-VIE
expires: max-age=2592000, public

GET
H2 200 1699492760.5591.png
lifestyle.heho.com.tw/wp-content/uploads/2023/11/ Frame 4800 229 KB
230 KB 1164ms
577ms Image
image/png 139.162.79.137
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lifestyle.heho.com.tw/wp-content/uploads/2023/11/1699492760.5591.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.79.137 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-162-79-137.ip.linodeusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d71a472191ca500c7dbcdc6cf3bb86fada4c0b5f5b787a936e66b61f6288cde0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
last-modified: Thu, 09 Nov 2023 01:19:25 GMT
server: Apache/2.4.41 (Ubuntu)
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
content-length: 234688
expires: max-age=A10368000, public

GET
H3 200 1701308462.2435.png
img.heho.com.tw/wp-content/uploads/2023/11/ Frame 4800 156 KB
157 KB 756ms
755ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/11/1701308462.2435.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577720b3510897fca3bfe22da77990ae5e29eee049e1a1420490c5d3998cb436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 159938
last-modified: Thu, 30 Nov 2023 01:41:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMNwk0hypXox0%2FQPPGqdhNA%2BQgn0dO%2Bf8n04HwOeRrhot5zFyqMMgn5UAIgfbhPX4kySHvgepg0hDWMsY%2BExv%2FwInU2ngXZmq55eSp2CipcV7WBUJ7KhMkRQbaTu%2BZzpywzEI0rqtQe33z3MPow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafa494ac2fa-VIE
expires: max-age=2592000, public

GET
H2 200 1646368367.7583.jpg
kids.heho.com.tw/wp-content/uploads/2022/03/ Frame 4800 333 KB
333 KB 779ms
258ms Image
image/jpeg 139.162.79.137
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kids.heho.com.tw/wp-content/uploads/2022/03/1646368367.7583.jpg
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.79.137 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 139-162-79-137.ip.linodeusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1adb086b7cc632d932ba4ec0d96918220814e7fb71da8f3d1e93faa0af8fa771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
last-modified: Fri, 04 Mar 2022 04:32:47 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10368000, public
accept-ranges: bytes
content-length: 340924
expires: Wed, 03 Apr 2024 11:23:36 GMT

GET
H3

200

1669173726.3519.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 4800
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png

12 KB
13 KB

598ms
598ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 12748
last-modified: Wed, 23 Nov 2022 03:22:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BLE%2Bca%2FPzFoCCBTYaAFXuyTCAyr7gR8gc4ryb%2F4Vfnh2KfsgD1uHD%2F9nsbrw2GSrLHg%2BEpbIe7%2FNNr8GF5GkRJGBtYXPAtUPCTtgYMe35BGM6xDPD63XopBgC1CsrHXv0ViWLXH7VdPXnLCabY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafbfb3ac2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669173726.3519.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3 200 1689755246.8803.png
img.heho.com.tw/wp-content/uploads/2023/04/ Frame 4800 5 KB
6 KB 19ms
18ms Image
image/png 2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2023/04/1689755246.8803.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 615895
alt-svc: h3=":443"; ma=86400
content-length: 5344
last-modified: Wed, 19 Jul 2023 08:27:29 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNJQyepgIJnUkiZ1f9AiJW4KE7owFjukhZAKwGOxZHUGGdptdzSqgK3qgm6QjOU%2BJy5PCHmZ1hHfi5iBl6Fh9Pr9wfZOjCgsgJmMd0fjKRTZXJ3izTKHuZPapKYAI2FtIOX2kNJgkYadf886acU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafa494cc2fa-VIE
expires: max-age=2592000, public

GET
H3

200

1669176277.7766.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 4800
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png

5 KB
6 KB

598ms
598ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 5377
last-modified: Wed, 23 Nov 2022 04:04:39 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6vOmLHN6k344vanLIvClJ3XyuofOmeLLgSxnHo7IL93Dq707tL91js6cyRzbWLS2lEppC%2BrEpXT8NoVD8jG2A5yWeC%2Fifdy7l2XB9JrFunLswNFiKJM5sqgfvLytH0OVyYCEnf%2F%2FR07vMm4sm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafbfb39c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669176277.7766.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H3

200

1669174013.0565.png
img.heho.com.tw/wp-content/uploads/2022/11/ Frame 4800
Redirect Chain

https://heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png

2 KB
2 KB

343ms
343ms

Image
image/png

2606:4700:3038::6815:ebd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
Requested by: Host: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw
Protocol: H3
Server: 2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ecb4dd57033b4d5ce93ed5ee31f6e7ae13e0208ffed843a8a25809e6c186a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml.oxra.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2059
last-modified: Wed, 23 Nov 2022 03:26:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HkYf2bR%2B2iW0hqUjS%2BeWCzF0yQLQ6LoPfd3N4%2FdrHgi%2BvOm6xsCDwLWP%2BSFW94n293J0amFHEQfjltYYFbJt800xOOij6gT12tO4j8jg2tITZIpNj72uIPd%2FPjwFEDYx1tN78Dw83MT0KRmBl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830beafbfb37c2fa-VIE
expires: max-age=2592000, public

Redirect headers

location: https://img.heho.com.tw/wp-content/uploads/2022/11/1669174013.0565.png
date: Tue, 05 Dec 2023 11:23:35 GMT
via: 1.1 google
server: Apache/2.4.41 (Ubuntu)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 261ms
261ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:23:35 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2023 12:23:35 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 123 KB
58 KB 1135ms
607ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&ad=20&country=tw&url=https%3A%2F%2Fheho.com.tw%2F&&device=pc&media=heho.com.tw&extra=windows&agency=nissin_tw&topn=50&ad=10&r_category=all&country=tw&redirect=false&uid=5db80b30f6339080f881701771815614&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiSGVobyVFNSU4MSVBNSVFNSVCQSVCNyUyMC0lMjAlRTYlOUMlODAlRTUlQTQlOUElRTQlQkElQkElRTclOUMlOEIlRTclOUElODQlRTUlQjAlODglRTYlQTUlQUQlRTUlODElQTUlRTUlQkElQjclRTUlQUElOTIlRTklQUIlOTQiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vaGVoby5jb20udHcvIiwidXNlcl90ZF9wbGF0Zm9ybSI6IldpbjMyIiwidXNlcl90ZF9ob3N0IjoiaGVoby5jb20udHciLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNzAxNzc1NDE1NjE1LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&alg=ltr&callback=_p6_9ac68be9de16
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 0aed6591e410e7ae3aec13a9c69b083ecb19b90dd8b2ea773320c8214aa9af85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 537ms
536ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/heho_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:23:35 GMT
x-amz-version-id: rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 06:45:28 GMT
Server: nginx
ETag: W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2023 12:23:35 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 774ms
255ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGVoby5jb20udHciLCJ1cmwiOiJodHRwczovL2hlaG8uY29tLnR3LyIsImxvYyI6Imh0dHBzOi8vaGVoby5jb20udHcvIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMTkuMC42MDQ1In0=&t=1701775415617
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 775ms
256ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlaG8uY29tLnR3IiwidXJsIjoiaHR0cHM6Ly9oZWhvLmNvbS50dy8iLCJ1aWQiOiI1ZGI4MGIzMGY2MzM5MDgwZjg4MTcwMTc3MTgxNTYxNCIsInRkX3RpdGxlIjoiIiwiYWJ0ZXN0IjoidGVzdF9hIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE5LjAuNjA0NSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiJ9&t=1701775415619
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9A9 42 B
64 B 67ms
51ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8Wwj31-tule9z11bd4REP8qAFAec1GhcrEEc3T2DF9oRqHMXkCPaoZI3w2dkVQwbTY5B8ek-kVI9TkuhMaeMxaQk2VWoLS6nTkOcNzo4_lrO65hZaJy9Y9_ZXCaNVVedVsWEblLoaAMG4I1ghubSbDU8vnl6EFNQM9o99jBIlcpWc2WOmnClOpAQxmQgBOMXbRLpQISqvCIo77GNkduzBfKi080LyyvtGEnG7vRXA4sw0nraoRIGvcw3enka8Nle3C9UcJZaSsK3akH1DUY07P9MP1dfl-XSO4-6Or6sQcqtvlfwUcUYUpARp0qc2oOOy5r-K9HmkuTlhZXd1MPxjv2ikqNlQ_jzc91jbXghsAOvaSl3aQxtjw5rAF1RMVFhgof4MDCyjrhJWbJi32TJF0cFCi3xM0NRzvX5F7kSiC1691j2494kTzjB2oaEM19Zwxm-0Bg14LS9KtaDjKh0uJ7ykIEsqt-Ib4loSNYK1k31n5MOr9laOWM2jUIKgveOdnhCldz5wJXx7Vof-ZQvwc-TmzmT-NIKLUYULEAto5f4hnpsmcGve5YWXHeV46qbvlAJ_iXfnW-zn_ZWukrVzby3CsEewBw2WG_NkZn1_yrwvusryHa3xUZyYAzb3-SDxG2lA4KriD05UyR_T1d0sWFY7hzb3Uw_BwBvpec5fznBf4ZDXdbGMn21IXR61WvTu6-yk-4q0vMVxhJNP9cUTTjTLh4EH7M_SU_7rrcsRLkXMrWsYSoh2bKtfn_kO8MDLSRObacx5qZpoydpqKjGJrxgQN1sYSug2MM7VsK-VLZ1i7dx7UmrtYkdRUdpA1W7Hq1LgvIUzba8b12BiZ2A_JlJnOfGLNnQinoV11PBPSqnd328Qe4ytQlLsIWCY4QEPBPJ5DnokJOaAuMksYL9Hi-t3f4h5NzjO63_nQ3yDEFfoQK7Kq05BV4VqD1vpSDhDzYpkCHT23f1x4InYPdrb_1h9D8FtGsEyrkXjyQRg4B_n5o3HK6GuSbBDHO74eDl0YcGLk1liPcQo6K_CULAp4rvygh39wyzL2I77rgbe9oPZ7haN8xnMlV7GnjmRhuzQkum_pvx6X6aK3jzty8maU5D6Ojf1BojWz5R06lOsuYgXUSRqx6pUg180aweY-74lUkM7dAMZiB2pxvQJwOHIhU22wXjZNLNU8FQ4zmj92K26ho0MFhdc3GBQUSuKn5-UCoBo7bxjK0X-ZBMrHN_qJvzLlYtcwgY1uSZTopIyTUbZbu-b8IhrzmDgp7nd16zLaz9ILPLb_KacRXYuAIFOkRjcizFYdwqrg0IoywrwtZwDRnY2p7CWSDoeqlI95oAFS_ABg5Q9qf-U0zaDIgYTrdCIT5uog1gwW6At-Q&sai=AMfl-YSzpQ1JrarTNzTR-3ZRSiksYpcTOeRtZf-M5pKiUU1i8pLx23U9G9Pxn4DpiJWiwvfbkIKlVYiRF5OYYmzTY8LtZP3_RyzAIklL9p74WCm2-V_lMRqbYSE2_3PWIz8xJtsG2mdlp4u53oBgLRVeSxJIqy2a&sig=Cg0ArKJSzPp2nzszv0zXEAE&cid=CAQSPADICaaN7TJB7liPId0DNkYlcZ1ls7m2-4YpCff77Di8t_4wsjMNS2QXil6vaF18urGZ5TDD2SRMTrH75RgB&id=lidar2&mcvt=1002&p=0,0,120,1050&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=938037319&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701775413637&rpt=1127&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
291 B 96ms
96ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heho.com.tw
Date: Tue, 05 Dec 2023 11:23:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 262ms
261ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 11:23:37 GMT
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 05 Dec 2023 12:23:37 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 257ms
257ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhlaG8uY29tLnR3IiwidXJsIjoiaHR0cHM6Ly9oZWhvLmNvbS50dy8iLCJ1aWQiOiI1ZGI4MGIzMGY2MzM5MDgwZjg4MTcwMTc3MTgxNTYxNCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjdjYjNiODUyLTk0YmQtNGEwYy1iNTA0LWYwNzhjOThkZGQxYSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2hlaG8uY29tLnR3LyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xOTkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiaGVoby5jb20udHciLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjExOS4wLjYwNDUiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiN2NiM2I4NTItOTRiZC00YTBjLWI1MDQtZjA3OGM5OGRkZDFhIiwiYWJ0ZXN0IjoidGVzdF9hIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1701775417268
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:37 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 756ms
248ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=5db80b30f6339080f881701771815614&url=https%3A%2F%2Fheho.com.tw%2F&t=1701775417271
Requested by: Host: heho.com.tw
URL: https://heho.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:37 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&RedC=c.clarity.ms&MXFR=30A84B7DB68E65230E2E58A3B28E6B10
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&MUID=093DBE317FB16ECC1531ADEF7E1D6FAA

42 B
443 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&MUID=093DBE317FB16ECC1531ADEF7E1D6FAA
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:37 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A652216D48B4EDBB814B5A666BDC79F Ref B: FRA31EDGE0813 Ref C: 2023-12-05T11:23:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B5E79214B2BD4D0A83417A9B35CC8F5A&MUID=093DBE317FB16ECC1531ADEF7E1D6FAA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
63ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82a622161a8f46524e9b114be85c7692b3e38a2bcb832a134fc5dd022f9a1616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12405
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 11:23:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09AC 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:00:29 GMT
expires: Tue, 03 Dec 2024 22:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E979 829 B
559 B 19ms
19ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c722bcfe0d355ff7d229effde050591e853eed1203d5ea35a1214b9243b476e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0E7gRqEFoIb_RVhhLDe5jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heho.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0E7gRqEFoIb_RVhhLDe5jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 11:23:38 GMT
expires: Tue, 05 Dec 2023 11:23:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E979 0
0 45ms
45ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=2292558247989896&rc=05ALb3HLeb3pkDlyZ-4f90wqlJhf3iaTEcQERmfV7G1NTRRuKOHsoV0mZtwxWD7NfdcVybVCkaMhkc5gM0pOerVPzYV91xgrZHeLbpuvTabgNzfliwWljDl9jJp6YD3VB2z7ReAUSv01BSJmfjsEi_D9Iocg7LQ3zp1wFgsMZDEfoe7xvgPeN8Z4j52ncc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 09AC 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:33:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 09AC 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bTTQdg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:23:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=2292558247989896&bg=!IiGlIW7NAAY3kmNgF5I7ADQBe5WfOCALtZhdY68oTkBes7YiPhiI0y99k7mqnOEhZT2qAjC6ex0zVUJEaM0O7oFU-izJAgAAADFSAAAAAmgBBwoAsrBAxQ9iOgYTnKTYyc3agrKQM6bgcnTXPwW8wc5RDDbGzXmA0RGRxplTkZjnRuJ8PfAmeFbnyfVSNTyMGTbBxopmVYnTrzgunISdjj6Vd0ScFO93-1gLBIHkNSx1oLNihJPZ6IEz1CuUxNNjVp0wOST6kyGJ4aALMvl4f1GZZkRbHOrtln72mgx21rAgTdhrDgwqwep8_OKxtkV_g_1hMZaVGjn2oxZKO-oBpTEv8IFh-5KZArlcq3v2Gzz60VlXC3r-hp4YdWWQIGSm6bcGhVZWRE16JH4mT3ILqhNzELN6p7ohTYUpPDHHD1f77FeEcv8ZcYTcKQ2QcrAETx1sZF0bOuLR7giJJ-r6loGMACGIYreVRmqC5CjSHbMZl0nyw-h-s_ywK8jHsGGF6Myihi2xIP8ePnshM29S8k_09-0D74KCSMBrDGnfFVPdsvf2Gb7ewnFyu9c43b_ZZnLPCTwPdC49zwhc-WdEgCMPMfzxCwHBMogq8SdMJeQB02kMqGsaDtAvXvuFqvKi3xyyIuqBpUvvGwOAS8aDSSWq3GzhR90vsZWZpQkG_IoIe-XtIz_6MhUl-zu38bQN72mgkv7o5c2u6FGAIgTtpWHdB8mX7qogD30WseS0nnQvHoi0nkWkwn7uJck1SSddmhFekoaMxTLiprXHxgsJWdQdJXKcodkU5kjkn3GMEXcPXFFOGxR3J-aYd2ip2JL1NplXkNbh4rp5oeLe1l0Y1lrlW9r9fj9PKZOwt8XOg8-02A6-Tz_SFK1WtMzqzHymzo_YYinT2zMDxJafrcYsB-0ffjookGF3ktEwSJlXc9y8QiCeJVaTCsxOujAyTSyh8E-9j1enhAxY6ulS-Y6_PWxXrWSk8_xl6lWemREN8vUsBFmBWRp-jk-AvxBpo2MrdcRhGBGDHMIgVFAWvsyyxCI3bNSVN7wlnj4hGlO3A3TdEfdfuzvuGj3GaciVigDK1qMQUsDMn4QAONSwOAJN4VrkVnEiBb-dK00Jb6Ff-oeLugum6EslYwiQVkTa60u3B2rlCfq4t935lR1O4IS26Y5WiXjuCqPUlWZNBGq9dyejRcjGk2PrAn6ig3hJhfdmes95fkxrLBG-m-HyfelAsGTPEgd8VK677hyZLDmxYX84yEJ1ckylyqT6W6AVHo69pb13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heho.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LDJQEPLLSR&gtm=45je3bt0v877969751&_p=1701775413193&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=779064493.1701775413&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1701775413&sct=1&seg=0&dl=https%3A%2F%2Fheho.com.tw%2F&dt=Heho%E5%81%A5%E5%BA%B7%20-%20%E6%9C%80%E5%A4%9A%E4%BA%BA%E7%9C%8B%E7%9A%84%E5%B0%88%E6%A5%AD%E5%81%A5%E5%BA%B7%E5%AA%92%E9%AB%94&_s=2&tfd=7603
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LDJQEPLLSR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 11:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heho.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
i.clarity.ms/ 0
291 B 96ms
96ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://heho.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://heho.com.tw
Date: Tue, 05 Dec 2023 11:23:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789/heho.com.tw

Domain: ml.oxra.com.tw
URL: https://ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789/heho.com.tw

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA	1970-01-20 16:42:59	Name: S Value: spreadsheet_forms=D06XGid18-ELKI1DQKpgy-1VofMXtn1BetUC2lHvYTg
.docs.google.com/forms/d/e/1FAIpQLSdRbjQ4UWF29dHIQLWIiNnjAWjmXeI6AeSaeLi7ILXFjLJbZA	1970-01-20 16:42:59	Name: COMPASS Value: spreadsheet_forms=CjIACWuJV5V2_tez047HvtOT9GKUx0KseqTF8CyiKyv1GWjSSQwy7N2Wy17JApen7caVwxDFrLyrBho0AAlriVcnldC7BcBENiVOrvMEBteuBh5EAX6S24GFZz2U5Dw5G0YZtFDo1K51a40vkMrCgg==
ml.oxra.com.tw/ra/mktv2/mkt-api-10/0-heho.com.tw/xx123456789	1970-01-21 02:18:55	Name: heho_cid Value: xx123456789
ml.oxra.com.tw/ra/mktv2/mkt-api-11/0-heho.com.tw/xx123456789	1970-01-21 02:18:55	Name: heho_cid Value: xx123456789
www.google.com/recaptcha	1970-01-20 21:02:07	Name: _GRECAPTCHA Value: 09ALb3HLfovVBXYxcflL-XHOC2VixywKyOWjSOjI1-tHGsDBq0Rg0Qqccf7fvkDXddZ1L5is6JsEd6tvN8o34HL34
ml.oxra.com.tw/ox/mkt	1970-01-21 02:18:55	Name: heho_cid Value: 1564d286-f2de-422d-a291-66d03b94d256
heho.com.tw/	1970-01-20 17:03:05	Name: AutoHan+hehocomtw Value: 1
.heho.com.tw/	1970-01-20 16:44:21	Name: _gid Value: GA1.3.1357859423.1701775413
.heho.com.tw/	1970-01-20 16:42:55	Name: _gat_gtag_UA_105027460_1 Value: 1
www.clarity.ms/	1970-01-21 01:28:31	Name: CLID Value: 78e4b80ce23f45ef9891ee198694408a.20231205.20241204
.heho.com.tw/	1970-01-20 18:52:31	Name: _gcl_au Value: 1.1.377494312.1701775413
.heho.com.tw/	1970-01-21 02:18:55	Name: _ga Value: GA1.1.779064493.1701775413
.heho.com.tw/	1970-01-21 01:28:31	Name: _clck Value: 6pgtwy%7C2%7Cfha%7C0%7C1434
.google.com/	1970-01-20 21:06:26	Name: NID Value: 511=oelFoTeCQHWvlPvk3u8vfs9sAMe78_lEllN-6u1fjNMVwyl9ltCmTzbeoskO4cknQeRQrQHNoryrSkIU6HZUlfpS-mnxQhmXbh3X-nEi750M5KfX--7Skr3ElZVEjViJvT0Jn9hkfPt24H5sbfrCcmKZzHruLOuwfFsP6J7_Apc
.heho.com.tw/	1970-01-20 16:44:21	Name: _clsk Value: kk8mfv%7C1701775413910%7C1%7C0%7Ci.clarity.ms%2Fcollect
heho.com.tw/	1970-01-21 02:18:55	Name: heho_cid Value: 1564d286-f2de-422d-a291-66d03b94d256
.heho.com.tw/	1970-01-21 02:04:31	Name: __gads Value: ID=c87bdc72abd00883:T=1701775413:RT=1701775413:S=ALNI_MYuh10DbE5wKCGPbtyrPhFWvFi_GQ
.heho.com.tw/	1970-01-21 02:04:31	Name: __gpi Value: UID=00000d0b129e0fe3:T=1701775413:RT=1701775413:S=ALNI_Ma1Hxi2vj5S-IbVR6XJlcwKST1HgQ
.simpli.fi/	1970-01-21 01:29:57	Name: suid Value: 00F6FD5F525448EA9EFC281423DC58B6
.travelaudience.com/	1970-01-21 02:14:36	Name: _tracker Value: %7B%22UUID%22%3A%22E7671D02-BF58-47E0-1AF6-7F3EA2D474A8%22%7D
.w55c.net/	1970-01-21 02:14:36	Name: wfivefivec Value: LV0QRyJP1Ratwy5
.w55c.net/	1970-01-20 17:26:07	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 01:28:53	Name: A3 Value: d=AQABBDYIb2UCEP85uvOB1OpXHfa-tvVs_g4FEgEBAQFZcGV4ZQAAAAAA_eMAAA&S=AQAAAh7gsHusH1Z3Hgjf31dwFpk
.everesttech.net/	1970-01-21 01:28:31	Name: everest_g_v2 Value: g_surferid~ZW8INgAEqLqdTwBd
.googleadservices.com/	1970-01-20 18:52:31	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:04:31	Name: IDE Value: AHWqTUlnhM9p5oUBJFexFoVtbPZKX-howY_24Dol_vuXH5b_Zv1LlmEhnAkrqGFdYNs
.heho.com.tw/	1970-01-21 02:18:55	Name: _ga_LDJQEPLLSR Value: GS1.1.1701775413.1.0.1701775415.58.0.0
.tribalfusion.com/	1970-01-20 18:52:31	Name: ANON_ID Value: anntuJoZdUQdR2Hp9uswmymEevLM9qKG8U3kpPqW1UN5EiBJtogWVjbXNU28OEXCQcQOtqoZb2pwycZd2OsyVDV5ZdLB
.adnxs.com/	1970-01-20 18:52:31	Name: uuid2 Value: 1712874936899164341
.casalemedia.com/	1970-01-20 18:52:31	Name: CMPS Value: 3205
.adnxs.com/	1970-01-20 18:52:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilkd5nDt!]tbPl1M>e)ZlrFUfJ+tGXvWBapkm2EsAq'PQxhA>NrneNSR5EZsn!7L[MMI3If)y3KL9D3I?+v(k5^o
.casalemedia.com/	1970-01-21 01:28:31	Name: CMID Value: ZW8IN66dYnHcWG.IgNpVigAA
.casalemedia.com/	1970-01-20 18:52:31	Name: CMPRO Value: 3205
.heho.com.tw/	1970-01-21 01:28:31	Name: _ss_pp_id Value: 5db80b30f6339080f881701771815614
.heho.com.tw/	1970-01-21 02:18:55	Name: _td Value: 7cb3b852-94bd-4a0c-b504-f078c98ddd1a
.popin.cc/	1970-01-21 01:28:31	Name: uid Value: 5db80b30f6339080f881701771815614
.bing.com/	1970-01-21 02:04:31	Name: MUID Value: 093DBE317FB16ECC1531ADEF7E1D6FAA
.c.bing.com/	1970-01-20 16:53:00	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:04:31	Name: SRM_B Value: 093DBE317FB16ECC1531ADEF7E1D6FAA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:04:31	Name: MUID Value: 093DBE317FB16ECC1531ADEF7E1D6FAA
.c.clarity.ms/	1970-01-20 16:53:00	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:42:56	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://json.geoiplookup.io/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQrZ0r6BgU6lscYsCCKSrkOp4iAHpxcSPZmGU_rUeHad-V9XcrA_dUUKmwP-5cV0ukC0HJLZBg5CWQRwKEQwUYVuYFyv48C2pUl3ks8NIO3d8WmBFa6iUYdufCurIXOlFhKcKK1ptuVywQyPH9-7xjeEa8&google_gid=CAESEOzLFKdoaZnjnEaxVnI8Qsk&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ads.travelaudience.com
api.popin.cc
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csp.withgoogle.com
dclk-match.dotomi.com
dis.criteo.com
docs.google.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
heho.com.tw
i.clarity.ms
ib.adnxs.com
id.rlcdn.com
images.dmca.com
img.heho.com.tw
json.geoiplookup.io
kids.heho.com.tw
lifestyle.heho.com.tw
log.popin.cc
match.adsrvr.org
ml.oxra.com.tw
onetag-sys.com
oxra.com.tw
pagead2.googlesyndication.com
pixel-sync.sitescout.com
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.popin.cc
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
tw.popin.cc
um.simpli.fi
unpkg.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ml.oxra.com.tw
104.18.36.155
108.157.4.15
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
139.162.79.137
139.162.82.98
142.250.181.230
142.250.185.130
142.250.185.98
151.101.66.49
178.250.1.9
2.16.97.41
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2606:4700:3037::ac43:8652
2606:4700:3038::6815:ebd6
2606:4700::6810:7caf
2606:4700::6811:180e
2606:4700::6812:18ad
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2011
2a00:1450:400c:c02::9c
2a02:fa8:8806:20::2010
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:400::649
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
3.33.220.150
34.149.230.38
35.190.0.66
35.204.74.118
35.244.174.68
37.252.171.53
51.89.9.251
52.167.85.21
52.29.13.21
52.29.184.165
61.219.68.119
68.219.88.97
98.98.134.243
029021f9df9d250bfc5442e10e72bb7fcc37aef687080952a051aa4428214f15
07598e9c2aae44f349f488e73a31691f1f0f8c5eaedeaa69f2bcb56efa59a934
081a9357e5da041fc09dbef6c0abaa986251670aacbc6029228d37f34fd1fe25
08b2864e6373aaee9e40895973ab3f6ea805aa043ffdafd1dffbeac841b29a00
0aed6591e410e7ae3aec13a9c69b083ecb19b90dd8b2ea773320c8214aa9af85
0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c116c74efa19439bd2e6ad056ee930d82c0c8ac55330bbc5a9f63885601dec6
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cecb66bde508c9248d803c80e120330c2390474f21df544bee4d8d34b22810e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10505df86b3638be7b5707a542c0c7c80ed856f14e037bb1c64bfaf712b0ab75
10b6fc407ad68085b7ea80a7f03939ed11b4ad702c3067ff89bcd8ee26320ea6
133bb5c5af6b43d96660ff65f46464f2a03f7d0deeb8e2a1f8e0aa7ce6770120
1382decc32857b4dc59faafdf57088d9f6917b18ece82cc47f84010224008c05
13bd5abd3bd40e3f01fb2f34e2434e806cf8dc43b08053fbe7770b40bff5dc57
14f880482da8a65732322f1cc972412501c1d33d35edece8f4aba96fab40c3b6
171d4c2505ae91856b2fe01ef5154d89feec1591421b5ee67f6ef8c0f50649c6
17406c4e4926c81dcd8f3832b79428ccf82f5a3af17c03afd0e37f13413851b7
184819cfd66eee3bbf756a609a0ea8034f09dcf8c68cd817b08358d8e5579ca3
18acdddfbda216420afff69425e62008f9247a3edc35bcad0e233c23bee68ea9
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1adb086b7cc632d932ba4ec0d96918220814e7fb71da8f3d1e93faa0af8fa771
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20a3bf52be657d048a21d70727caaa41611e9d8ef79c89d88c78949ee41a162a
21440e9e93d3e4d7bd0cbaae96c74e8630e3a92dca888225fd091cb0d930f034
22bd7cf3246f1ba3c6875d4099495f7915382811d89d27f1925a9fba8078b730
23e4a995297af6d7e3abf5dc3212a2390efd61c55e15aced428ed4508654fe47
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2706dfabcbaaf2dee90c3a10c168d5f5691ce787dcae9e77cd038f66b08fc4ba
273864a943d0ff0ab1b4861c83635fe7c7fcaa496d81862552923c614639b12f
27a978cb6edc80bdcc5c73522e81cc7613e190ec278b374a884d46a3d4c7db15
2b4754496c3c8815466b4d36b59ab990ffeb3cfd2d4e4018371c1c83c8eced8e
2b7b7baea916d512ae52ef684436b05c330805445aea9f63ec5f3cf92f5db553
2f6995a0395179c9dd731c85aa08ef73fb09ab0b6ea2e889eda95f9747e069c3
308bd8594b227122898d10838a3b719f545cd4ba4f02a408fc0b7ff43f17ca30
31594918e6093b22f7d61e9ef00fe99af5de221a8e7b039517c38bb140fa6d95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334e702012cf0d8dfdbcfe2a9ff9e70032ca59cad3573f01454a3e1706131f5c
33ea7445e374a6aab69f4e13ddbc9fc0e356c731e2d1f093619b93d4281bbe2e
347b8e3e68694a70f4b024cdbee7fb7ed5f98c19d0dafef6b8f237191c796f03
39b2a26dc249d0368798ce01da3e9785958eb925e608eb4729607f10ecf51241
3a3444723e0dd36e3099deb59133ba82203985f1eba230a07e7ce8eb43b1e1f1
3a6c1001c36d7f2f8ad4df369baf38217af3adaae94a5625651c05f4c3a38bd3
3a8566c410bdc9c4b1a222d4e198c179255893accb662ed34ac308c39fc01bac
3c1d1b09af9ea0e4a497cf8f1baaf915bb032eca2ae369869566282d156cb25d
3df61dfec8baf56370890d50b52c3468fa8260ec0f04ac2de100c9d369cd1381
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e92624ff29d44c47f313d24e815f4f9b1ee01ceb5700f6fc9eb3baa215159f6
403c4d504b40910b8913185dc35ecebd3348bc7d2dea88521eb60acf578f28d2
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4524691b7547d0d9f1a34ff172d940bedafd7725a14a5bd1121807b7d993bffa
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13
47f1d0dc5c8ad11e9fcc9fb81023552a39854dfe3a8f67609b8ea44c1685c3db
48d68ba83268a7d5262f2af34a516346aa970e5212d9605664c6dc390bfed129
495d00ced775fe8a262d2b05f8225c1a172df503b4f42a788f97e15f1867ee93
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4d6f268fafb58c6446703ee4d09aedba5b6a7d3a59261da328d75d5115fb11b2
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50507f6e6940c0c5a3998c21ec028c92bd9da787a7aff9ae510a1b510a6c8b8e
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
51517aa1e842c8fa674210dabc693b435db2d5edcacf311a67e95abd4a040600
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53b183e10d8c5db234637e82bef4014117bd41c956c69af55fa0165a7be31666
5448b3df7fca1bd7f1ee6c34cab7287342978c1634a216dcb055faa92ffef9de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54efcb5570863b2329c2c677749c85c7ed337f5c16bf38caea17807196150293
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
577720b3510897fca3bfe22da77990ae5e29eee049e1a1420490c5d3998cb436
58414c45ff47ff8f78077f75d47fb1c08143c46e500536ccb407fb9a031d3da7
589ee426ccb7b86d8643b16efc0acbd99cb9590e1237cbbb694eba36efac28e2
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bd95d97908d15bffb7bee4ac7fafc2b7c19de43cb27447eb8ea21fd72d476b4
5c0243aeabbf9c2f5353f0f043cdfe582305ce9232dafae04789f72ad8b8a2fb
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5dcebb5ec80a2ddab469a77f1a37412c34205ef76d054131083b0bf663b786fb
5ee1925de22baa2ef5bcb426a76da601c7a094d4d87cc8703b80db62ac2452c1
5f338abba8fb7cf686b9a4f785fedd4299709cff3e365eae3c61eb0e507c417d
600db4b0c037c60bc7cf0f6508cd29ff8d97e1d02267a626b444a28d7c75d298
60f4bc6d7145eac78eacce4c985befa2f47a66af0fc33f5e5f99f43cc2c080f5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6344f577419d3db79fb3e2c6f7cf973031e22de4941e7277d782a4e6d2d455ac
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66a070c331573aa324fa2deac1a1b42b2d58e9660268555ee382d857e651e33f
68425336934a956337b4593a3d47d51d2970d03ac4a9c9fc795596f13eb21775
68c3f849762d80f759a7702f52b6f9c432173951d7d5e830c98cedfdeba5e53e
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
6ad6b8b2dd661ae7182bde4de0a90cdfb0d06d3451102d5d5137c340c2b70a3d
6b8296cd670c13c88421246c0d64979967914b1c3a4edefe67f7298cc0ca6305
6bba06493e9d01e72d0c0acfbf64abbf9f9198dbb7788285bf8d7b9005d0588f
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c00994f426cdca41eb2fbd87b0f3610e37acb3d641b4297a5cfa3e969cd95ee
6d5d266786527c398a683d85440a1dadc9ee41be88cb800a68225276358d80cf
6d7fab9e736b5a64ab2fd063444bc8737b54f6e0a559c2a6a04149d952a75017
7046618f6555847e4c8d7fb47584672aab889faf9ceebd6d871074da350615c9
738465a35668cea4cf13644bbaf6eeb18dfe494d6941a242d138ee87280c8a9c
74d4d21ea731e982d339e2341bebcde40e7abd3c43e6955a51d13c68d105f9ca
7615aed2ed8f1361d3aba2b6ce6612468463e660e8bd4a4302b24c113ec57308
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284
779843e9e9c00cb70db943a8929d8977585f109d611cbaddb6e062cdd5bf4e33
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b12827dadd5228ce6027e2ba95b0d5cc8c0ebe1f7ade091b7ae71981e00dfeb
7b281506c1ec54aee032263668728e13fc6eca72d39ea52a96349969fca5f63e
7c7c81ec43ffc35a71567094e98836d7545681a399618661c8f1eb202b580206
7c962d6b55e524fbd4d056d9417afc3f15d56c09df24de4217a3faecd27afba8
7e80ef401596260b801ff1c75b225d452296ce913bb895bee17ea6b40488d7e8
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
80083bb74056d4ea185160dd596de5a63d5ed834778a5d7f7e4e843ba4421345
82a622161a8f46524e9b114be85c7692b3e38a2bcb832a134fc5dd022f9a1616
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8341e035f8572a07e1afa2e95d48bf9a97d33844e27e4300bb8c0de6e172211b
842cbe5d1403a229cdffb0f66329fea4a2b5011e569b2978b75d2a9da553d2d2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a5754dcc49e35a95e046abb5d39e230261005f60cdfeb41d3f091775a6001c
867352b1c82c47d71a11744e3886441a848780dca87928bac596e5f3473bfaa3
87b18f50b21e8e3e68778d553e17395f44f3d18bcf9d664f852e9a7d515a6c10
889aad1463a00bc7c4fda2a94819d09f932bde81010eaa9f7b9f74402f3fc579
8c089632f2472d720775d3f5d81306f073905aded8a9a2ce493a4c516984c5f5
8c784e0a746c79495f6389971b2f60ef425d4d98a1ab85b9945e31a41e2fe9ed
8ca1eee7725d016477dddd403b78c514438b1d2cd58545b4bc9fd6db9647d83d
8cc3cce7b52175a0e42f8b92d45322ebaa709d227f9ec52643e75410fda94b06
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed2ede5bab60770b7078dfbc3e786d4e720ae4545bf82c71eac2a8f7e835b48
8f54070450baf09b19fdbe1d661a5b05eaec9b8a60353a4cf91ce60df518469a
926820f185b15731023eb5573e470b2fc52fa7c7719ba68de547ec3a99ea4db6
9320b3cdf4756eab8412ee5120bc5af5524c9030de78136fbc42b7e40814289a
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
95f9c17674d2b0373782ea0d839ea1c192796ed202be706d2d362e3602c8abb7
9647322801c526092a1912ecd4836fc639e4be4f40dda05e83a9811223fb1747
97c427fcd82365110b1a5710ec4fc6f02d7d252c9a633840e48c100905efffd1
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
985b3bcffaca82008af6fbae8e61658cb5154c104561967e0b1fb91305375555
9902d51604cb1357c33eb19b474d3a0afddd94fb5d10fb0bcd122885e31610d2
9996ece096f1a0a0a480e2a9ada6ad692c59b562370dd189bd75968dbd7a0f9e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afefc6356f7a01fa5d0a8b69c8a39cb3709795753e96ad09bad19b21b0b658c
9bbae8193dbf66e39dc9eb836075c7116d0cd039473572b650a6062375373929
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9c9837dd0a50218aac53dee373e4167e0a2edf128136d31ff2d89add6c5fed8e
9d81818ee4513a1dbc74d17b8dcec5aa730a70ceca96b75a68ad007554e01cc2
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fc62f0847bbeb2b050932bc04e8d60087955e2bbe3659fbe89408f4c62f2f7d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a076d79ed14cff54c3ece7a41c43bf5b96154cc8c194ba252aea6f5c3830cfdb
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4caf0e36dd19c395a07167bc67d8f38c73263c10ff786db363c5f0b5c8c7abe
a535ba09ab809d987eb451502fe1d911ed8959328eaa381ee0bcbeaded320c78
a5b17f07bd0d24edb3a5883b7fc3e77b39be07cd99131fbd33b7873fda49b165
a631f36b97689ffb94afdaef8032e78479d469894a2b18f007dea806dc1172b3
a7e20339f5886b36f7afffb514bce1173794d5f6a4dd37aa45929d62614f9aad
a817a663ee912ccf67f30d9cddfb563e15efdabb3de65fe491abdfbea5c6578f
a9ed2dc63202e8e1e06cc22eb23d39212a36034d90dbc76274ec7f85deb1d3c2
aaa699bffde59485dd19fa60a333645a0e56425bf560e2c42b54938bbb286687
aada1ac84edc0a0f678a12e87b835b9c5a71fc4cec407ca0420c6561cb53a439
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
add6ddd7fee32d58eba385983ab7dcc9657ad97cdbd4bf4594db38675847edb4
ae4ca9b9303fc55a1053c3a796249078fc00d2389cf2f4b1f006bb19917e3bef
afd50883e5a14dc60ab697ca8272c575fdaca96c69eb11ff5edc092752520d6d
afd7b4ce1230fc5d6cb58daebeed6bcd09ebee1e4414367596bc3bb33f62444c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1de6eac3059ca778e6d2367182c7f11edc81e09971e56f788db308a674ea7ec
b2d715cfe84dc6dffc61288e0a1ac6901e9ce71b50e08a0b71c1d6c20c135940
b6ba6d140a0b4673d579dd5cd2428521d9141c946dcb02884c0c5a3b3913cd7d
b91a5d0c93ab9e0c055f1e0d6ff22688984670591f4853b000454b703fb2fcb7
b93f4669cc09016e4d1ad1836a4cd1ebcf832c22979e5fa11db4f7c3620223ae
bbd98aaaf11a21804cbf7f5b10e7ef9a80c30a47840b7b1dfa51a84fb298ffad
bc3fa17b0c4f879f13a223996f66eb9fad7c84385b2967e3781a3680a6e6a811
bc425300c8a8a921a3d481e8b2395ef3c6cac4333b7326ceb1f5963fa6102b77
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd37899aca2011cdf18276fe93b568460f41a8a9aa4af0dedae29e28e0f7cc8b
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bec887feaec684bbc55998c457617df16605234f032386cd8068ad2dc8964a5c
bf06f7365e265b3cf491bb1966bed8536afd455bde61bf070e66dbacc2c9c1b8
bf54ca999785e94d3692084aedd7379cdfa4f722acc00c50b937ff30f830122c
bf721c6995366adb25d098fe2b901999ed3a750a2cd7d0f57f0e9d85af2aee29
c03210b34da6c0fd9e907f208b17de8dbba8e28936834509251398205dca158f
c063fc54a4bcec5e67e63ec0c5fb62be66be35509203e143a97de4e7eae0e4f2
c129c2c42b2f1d5af9bd5b9858f0eba8215ee3ebf61fbc99866e107b2c0af4b5
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c3525fca875bf7203e92f116e0c5532dd5b5fe0f0ca5e12c6c4c8b9bd77566e2
c37959ecaf7cbc7222f9be9dc9004783aedddc45b3e145d4b1a974bba439a72d
c44b1665bde2b3f0a1b356fec4559832ae270f7180b48265da8832815698a55e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c722bcfe0d355ff7d229effde050591e853eed1203d5ea35a1214b9243b476e5
c7b73dc2a43d6620b4ae7b1e05eea2342cf309352b4dcaadeb4491c5b72468e5
c8fb82df9421fa2de18e11b89200eeccb188dab713331f06c6c8782ad5ce5437
cb1d125975da6683e4db07394e5035b0cde2782b389341bb577d2a274262e839
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cc93b0c6ccf01063b9788530ca2389636059624b18599de8edef8d4054255474
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cdaae795074ced24ad382f9f21c4f2e3443d3dc27bf6f75ab5cb43d54f23f009
cf259e3a82cb642feed954fd8e370352a706318c4867e238d981caddd5481512
cfe4b3384bdf0bd276d03faa954b58977064c3aa7199c946292f3d22f416fc76
d02311df18bb3fb0ecc50f9708e14660b60f8d9bac334c7b5d18c0fa4f888a88
d16a97a25c22e0a3666a93f2cc4dfb340df15a55dc32190f797ee748f2d7b3ba
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d4ba92453033372b440e5e762eedec60dec8b3c32008f599b1c7f46376d64216
d5c4965a6e9c89dee7d1389167c821976bfbf55d80e7dcddfbcb5400b1ae01c9
d6160ac2857a97b2e8b68b394977418e28dc43947425deb37fdea506582787aa
d6567639db59dc67528a542b533eb95189e86f1d3cd82d865b72b09cbb2290e7
d71a472191ca500c7dbcdc6cf3bb86fada4c0b5f5b787a936e66b61f6288cde0
d740ccea2020d7d2b8985f1d3d8bab30f507805d20d931cb0a7d8d4438bc2189
d8977152b314fcd5d04bec050367c0aafa91899501593e9ecb0d6090cdac29a6
db8faffb5e867554c1ab9b0edd0e11e8b5a3d4b9842d860a11646371c2b84d79
dcbaf64460b4db78ba16ee6230d2c90215dda58ce8c285348d624fe32dbc470e
de0ff9a32cefd5253e343aa3a1a9772513d60ae479e41ea5dfa0462e4aa31f30
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
e05fd4c39d2671d0febcf551364287a41d4889ca4692817722459ff34940ac81
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e2ecb4dd57033b4d5ce93ed5ee31f6e7ae13e0208ffed843a8a25809e6c186a5
e2f7fbd847620a46b260daa079ddcacce2e96d507bc686510677cb243f088245
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e4e6a680e9036aaf31486a675e7ae117f53d2f3c3924240f26e0d57520e4204a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5acbe17fd4e63cca2ce1b72e482fc2411d27d9d534476ad7f0108b9df087fce
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e98273998af7ba59db229a5997cd60b10fff987e60d89dc79654a50fa5daee02
ea457f0a12915cc9612ecc2a0c085b16c5cf8af109f1be1c7fcc358a9d52fbc2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee21fa3a8dd34931830b255fb301dec184add039958f2378ec534733b4002011
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8fea302c93f5619c53b4b7f8435c3d7dbaf5a4296593fb9f353e574c9b34d4
f16700a582fbcb0a4dce154cb5fab6fd32ed12a495c7e2678be5d0ad93e282c3
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f8cc03e63c2624c1e817c00f6dfb085759dcff6aa84c37fcd65050023fd582e8
fd8bed74936b7b0f1745b3b117cab8be5ec9405fb4771226270462e670b8d9fe
fdf44c84e33e64332bb97121e566eb096f411850877443b97c310e598ef10e72
fea32efefa901ef8406bee583dcea828fc0871ca38f7227475fc8d6a520da9dc
ff65c6a3b716ae696170f17006e5b017751677908e6b56b53a27379f7dc578df
ff8c9a38c906236a4025b752da6a83403df53f22f0fb8b88155b7b04a5229904

heho.com.tw Open in urlscan Pro 34.149.230.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

82 %HTTPS

53 %IPv6

40 Domains

59 Subdomains

51 IPs

11 Countries

9981 kBTransfer

16781 kBSize

43 Cookies

49 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heho.com.tw Open in urlscan Pro
34.149.230.38 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

82 %
HTTPS

53 %
IPv6

40
Domains

59
Subdomains

51
IPs

11
Countries

9981 kB
Transfer

16781 kB
Size

43
Cookies

334 HTTP transactions
17 data transactions