m.annanmode.com Open in urlscan Pro
210.114.0.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Submission: On January 24 via api (January 24th 2024, 1:48:02 am UTC) from BE — Scanned from DE

Summary HTTP 193 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 65 IPs in 12 countries across 56 domains to perform 193 HTTP transactions. The main IP is 210.114.0.217, located in Hanam, Korea, Republic Of and belongs to KIXS-AS-KR Korea Telecom, KR. The main domain is m.annanmode.com.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time m.annanmode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	210.114.0.217 210.114.0.217	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	23.48.23.45 23.48.23.45	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:236... 2600:9000:236e:b400:f:9b8:8140:93a1	16509 (AMAZON-02) (AMAZON-02)
13	18.245.86.42 18.245.86.42	16509 (AMAZON-02) (AMAZON-02)
13	72.247.153.218 72.247.153.218	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	115.68.78.52 115.68.78.52	38700 (SMILESERV...) (SMILESERV-AS-KR SMILESERV)
4	61.74.67.204 61.74.67.204	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2899	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.245.60.41 18.245.60.41	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	210.89.167.46 210.89.167.46	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	211.249.221.187 211.249.221.187	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
5	104.126.37.147 104.126.37.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.192.70.152 52.192.70.152	16509 (AMAZON-02) (AMAZON-02)
2	203.245.1.130 203.245.1.130	4766 (KIXS-AS-K...) (KIXS-AS-KR Korea Telecom)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.248.102.124 54.248.102.124	16509 (AMAZON-02) (AMAZON-02)
2 2	1.234.81.14 1.234.81.14	9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd)
2	133.186.161.10 133.186.161.10	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	112.214.46.111 112.214.46.111	10036 (CNM-AS-KR...) (CNM-AS-KR DLIVE)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	89.149.192.200 89.149.192.200	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.20 23.48.23.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.211.69.160 52.211.69.160	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	34.249.97.40 34.249.97.40	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.158.26.107 18.158.26.107	16509 (AMAZON-02) (AMAZON-02)
1	54.68.130.239 54.68.130.239	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.153.3.226 18.153.3.226	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:da3:1083:772e:561a	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.71.202 54.154.71.202	16509 (AMAZON-02) (AMAZON-02)
1	52.29.105.89 52.29.105.89	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.31.7.212 52.31.7.212	16509 (AMAZON-02) (AMAZON-02)
2	3.37.189.137 3.37.189.137	() ()
6	54.180.111.109 54.180.111.109	() ()
2	2606:4700::68... 2606:4700::6811:190e	() ()
193	65

36 210.114.0.217 (Hanam, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

m.annanmode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.48.23.45 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-45.deploy.static.akamaitechnologies.com

wcs.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:b400:f:9b8:8140:93a1 (United States)

ASN16509 (AMAZON-02, US)

optimizer.poxo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.245.86.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-42.fra60.r.cloudfront.net

storage.keepgrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 72.247.153.218 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-153-218.deploy.static.akamaitechnologies.com

img.echosting.cafe24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 115.68.78.52 (Korea, Republic Of)

ASN38700 (SMILESERV-AS-KR SMILESERV, KR)

malog.byapps.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 61.74.67.204 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

login2.cafe24ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2899 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

t1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2868 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

t1.kakaocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-41.fra60.r.cloudfront.net

static.recopick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 210.89.167.46 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

wcs.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.249.221.187 (Korea, Republic Of)

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

bc.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-147.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.70.152 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-70-152.ap-northeast-1.compute.amazonaws.com

api.recopick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.245.1.130 (Siheung-si, Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)

cfa-js.cafe24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.248.102.124 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-102-124.ap-northeast-1.compute.amazonaws.com

lc.recopick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 1.234.81.14 (Gangnam-gu, Korea, Republic Of) 2 redirects

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)

idm.skplanet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 133.186.161.10 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

widgets.cre.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 112.214.46.111 (Guro-gu, Korea, Republic Of)

ASN10036 (CNM-AS-KR DLIVE, KR)

cdn.snapfit.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.200 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-20.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.69.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-69-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.97.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-97-40.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.26.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-26-107.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.130.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-130-239.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.3.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-3-226.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:da3:1083:772e:561a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.71.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.105.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.7.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-7-212.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.37.189.137 (None, )

ASN- ()

snapfit.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.180.111.109 (None, )

ASN- ()

push.snapfit.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	annanmode.com m.annanmode.com	1 MB
18	snapfit.co.kr cdn.snapfit.co.kr — Cisco Umbrella Rank: 532172 snapfit.co.kr push.snapfit.co.kr	213 KB
15	cafe24.com img.echosting.cafe24.com — Cisco Umbrella Rank: 210414 cfa-js.cafe24.com — Cisco Umbrella Rank: 210175	37 KB
13	keepgrow.com storage.keepgrow.com — Cisco Umbrella Rank: 575484	8 MB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	64 KB
10	criteo.com 4 redirects static.criteo.com — Cisco Umbrella Rank: 198444 gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123 sslwidget.criteo.com — Cisco Umbrella Rank: 2254 widget.as.criteo.com — Cisco Umbrella Rank: 48981 dis.criteo.com — Cisco Umbrella Rank: 608	29 KB
9	gstatic.com fonts.gstatic.com	158 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	591 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	145 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	94 KB
4	recopick.com static.recopick.com — Cisco Umbrella Rank: 876776 api.recopick.com — Cisco Umbrella Rank: 698016 lc.recopick.com — Cisco Umbrella Rank: 706690	56 KB
4	cafe24ssl.com login2.cafe24ssl.com — Cisco Umbrella Rank: 336354	14 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	3 KB
3	naver.com wcs.naver.com — Cisco Umbrella Rank: 22781	2 KB
3	byapps.co.kr malog.byapps.co.kr	24 KB
3	naver.net wcs.naver.net — Cisco Umbrella Rank: 20989	23 KB
2	cloudflare.com cdnjs.cloudflare.com	64 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1743	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	140 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	cre.ma widgets.cre.ma — Cisco Umbrella Rank: 401013	667 B
2	skplanet.com 2 redirects idm.skplanet.com — Cisco Umbrella Rank: 123318	947 B
2	google.de www.google.de — Cisco Umbrella Rank: 6518	562 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	562 B
2	kakaocdn.net t1.kakaocdn.net — Cisco Umbrella Rank: 19491	72 KB
2	daumcdn.net t1.daumcdn.net — Cisco Umbrella Rank: 22093	33 KB
2	poxo.com optimizer.poxo.com — Cisco Umbrella Rank: 233235	184 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2112	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2988	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33181	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3209	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1421	884 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10355	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	1 KB
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1147	162 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	319 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2620	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1704	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	813 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	235 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	960 B
1	daum.net bc.ad.daum.net — Cisco Umbrella Rank: 44127
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	8 KB
193	56

	Domain	Requested by
36	m.annanmode.com	m.annanmode.com
13	img.echosting.cafe24.com	m.annanmode.com
13	storage.keepgrow.com	m.annanmode.com storage.keepgrow.com
10	cdn.snapfit.co.kr	m.annanmode.com cdn.snapfit.co.kr push.snapfit.co.kr cdnjs.cloudflare.com
9	fonts.gstatic.com	fonts.googleapis.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com m.annanmode.com
8	www.googletagmanager.com	m.annanmode.com www.googletagmanager.com malog.byapps.co.kr
6	push.snapfit.co.kr	cdn.snapfit.co.kr cdnjs.cloudflare.com push.snapfit.co.kr
5	analytics.tiktok.com	m.annanmode.com analytics.tiktok.com
5	fonts.googleapis.com	m.annanmode.com storage.keepgrow.com cdnjs.cloudflare.com
4	gum.criteo.com	3 redirects static.criteo.com
4	login2.cafe24ssl.com	m.annanmode.com
3	ib.adnxs.com	2 redirects
3	wcs.naver.com	wcs.naver.net
3	region1.google-analytics.com	www.googletagmanager.com
3	malog.byapps.co.kr	m.annanmode.com
3	wcs.naver.net	m.annanmode.com
2	cdnjs.cloudflare.com	push.snapfit.co.kr
2	snapfit.co.kr	cdn.snapfit.co.kr snapfit.co.kr
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	connect.facebook.net	m.annanmode.com connect.facebook.net
2	widgets.cre.ma	m.annanmode.com
2	idm.skplanet.com	2 redirects
2	www.google.de	m.annanmode.com
2	www.google.com	m.annanmode.com
2	cfa-js.cafe24.com	m.annanmode.com
2	api.recopick.com	static.recopick.com m.annanmode.com
2	t1.kakaocdn.net	m.annanmode.com
2	t1.daumcdn.net	m.annanmode.com
2	optimizer.poxo.com	m.annanmode.com
1	beacon.krxd.net
1	www.facebook.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	lc.recopick.com	static.recopick.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	widget.as.criteo.com	m.annanmode.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com	m.annanmode.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	bc.ad.daum.net	t1.daumcdn.net
1	static.recopick.com	m.annanmode.com
1	static.criteo.com	m.annanmode.com
1	cdn.jsdelivr.net	m.annanmode.com
193	69

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
annanmode.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
wcs.naver.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-12-01`	a year	crt.sh
*.poxo.com Amazon RSA 2048 M02	`2023-09-30` - `2024-10-27`	a year	crt.sh
keepgrow.com Amazon RSA 2048 M02	`2023-07-10` - `2024-08-07`	a year	crt.sh
akamai.poxo.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.byapps.co.kr RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
*.cafe24ssl.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-10-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.daumcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-06-07` - `2024-06-07`	a year	crt.sh
*.kakaocdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-06-07` - `2024-06-07`	a year	crt.sh
*.recopick.com Amazon RSA 2048 M03	`2023-09-25` - `2024-10-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
wcs.naver.com GeoTrust RSA CA 2018	`2023-08-01` - `2024-08-14`	a year	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2024-01-03` - `2025-01-30`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
recopick.com Amazon RSA 2048 M03	`2023-10-09` - `2024-11-06`	a year	crt.sh
*.cafe24.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-08` - `2024-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.cre.ma DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-18` - `2024-05-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-02` - `2024-01-31`	3 months	crt.sh
cdn.snapfit.co.kr GlobalSign GCC R3 DV TLS CA 2020	`2023-06-14` - `2024-07-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
snapfit.co.kr Amazon RSA 2048 M02	`2023-10-16` - `2024-11-13`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Frame ID: 82AE00D5A40DE566E1F4BE52228684BD
Requests: 128 HTTP requests in this frame

Frame: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Frame ID: A2AEA01462FC70B770618DB106EF989F
Requests: 24 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=m.annanmode.com&origin=onetag
Frame ID: DC4FCE3A0CB01C31C489A751BF3283DE
Requests: 2 HTTP requests in this frame

Frame: https://m.annanmode.com/exec/front/eclog/main/?noMemberOrder&returnUrl=https://halva-4you.ru/&rloc=https%3A//m.annanmode.com/member/login.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A//halva-4you.ru/&rref=&udim=1600*1200&rserv=elg-db-svcm-159.cafe24.com&cid=CIDd30142e73d401645bfec1d7b334192cb&role_path=MEMBER_LOGIN&stype=e&shop_no=1&lang=ko_KR&ver=2&mob_flag=T
Frame ID: 8F4743EF9673266162C5CB0B50C464FE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_gid=CAESEOGBDm33IPTd0bOIIYUcpvM&google_cver=1&google_ula=913071,0
Frame ID: E0AC55271C820BBBBE2FD53B5592F07D
Requests: 30 HTTP requests in this frame

Frame: https://push.snapfit.co.kr/Spm_Mgr/make_frame_form?%7B%22sf_store_name%22%3A%22annanmode%22%2C%22device_type%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22adminPushID%22%3A%22%22%2C%22solution_type%22%3A%22cafe24%22%2C%22page_type%22%3A%22sq_login_page%22%2C%22referrerUrl%22%3A%22%22%2C%22todayBannerStatus%22%3A%22%22%2C%22spmislive%22%3A%221%22%2C%22useKakao%22%3A%220%22%2C%22useDelegate%22%3A%220%22%2C%22kakaoDevKey%22%3A%22%22%2C%22kakaoDelegate%22%3A%221%22%2C%22bannerDelegate%22%3A%220%22%2C%22delegateBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_delegate_banner.jpg%22%2C%22delegateBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fdelegate_ico.png%22%2C%22kakaoBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_kakao_banner.jpg%22%2C%22kakaoBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fkakao_ico.png%22%2C%22delegateBannerLogin%22%3Afalse%2C%22idsyncstatus%22%3A%22%22%2C%22user_id%22%3Anull%2C%22spm_spmuserid_pc%22%3A%22c0d39d5b53ebd438dc850bebbb6ddabd%22%2C%22spm_spmuserid_m%22%3A%22%22%2C%22pageinfo%22%3A%7B%22pagetype%22%3A%22sq_login_page%22%2C%22cate%22%3A%22sq_login_page%22%2C%22itemcate%22%3Anull%7D%2C%22pushlogo%22%3A%22%2F%2Fcdn.snapfit.co.kr%2Fimage%2Fpushlogo%2Fpush_logo2.png%22%2C%22result%22%3A%22success%22%7D
Frame ID: F179647D0BEA214D45A4F1D2E5358B73
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

안나앤모드

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

193
Requests

96 %
HTTPS

28 %
IPv6

56
Domains

69
Subdomains

65
IPs

12
Countries

11395 kB
Transfer

18869 kB
Size

66
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/annanmode/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/annanmode

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://gum.criteo.com/sid/json?origin=onetag&domain=annanmode.com&sn=ChromeSyncframe&so=0&topUrl=m.annanmode.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gTYnJHxTVDRGWWpMUkZlY3llSEQ4SGVyNThrWURpWWt2b1BhVDU0aTRvdEU4cjZkcjdEaW52aG5UK2NxQk5EdHhmRnNMN2VLdHNIbTRwdlhmRWpNWTFUa2pIMnA4WUNRR3NVOFJpWWl3dVdBTXRTc1ZIcDYvc0w4VHJsbTNCaVYvZVdzYTljSVhvWFB3SGtWbFJmRDBPZEpSOEJKTGNkQnBGNHoyNWZycXFRWmtjWDRvc2phdkQ0WkhiRVl2MUFQRUxCOUF4U2dPQ0NvNDQyS0Mxait2SjFHZkpjeGhoR3Y2VXBXbnZCSWpSVkt3Ym1zbWRReDU4SkJ1MW9ZOTFvVGFnRzRmcFVEM0FIeEVjVWlIVU5xZTBoR2s3d3JLanBFNWgzbDY5aXBqanA1MjdwVT18&cppv=2

Request Chain 101

https://sslwidget.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQld6TzhmMFpaOGJIWGNRWUxFYiUyRnhUemJPMnBScXV1N1daZkxMdFZHZjlvZjlsQ0szdlY0VWdJREJLbGR6V1pEck8zYUxjc2RLRkUxeHhvdkRpcEZndGtMU3ZLVFElMkJjbjNocGZnJTNEJTNE&tld=annanmode.com&fu=https%253A%252F%252Fm.annanmode.com%252Fmember%252Flogin.html%253FnoMemberOrder%2526amp%253BreturnUrl%253Dhttps%253A%252F%252Fhalva-4you.ru%252F&ceid=62dd68cd-5ec3-4492-af9d-efe0625eab2a&dtycbr=26287 HTTP 302
https://widget.as.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQld6TzhmMFpaOGJIWGNRWUxFYiUyRnhUemJPMnBScXV1N1daZkxMdFZHZjlvZjlsQ0szdlY0VWdJREJLbGR6V1pEck8zYUxjc2RLRkUxeHhvdkRpcEZndGtMU3ZLVFElMkJjbjNocGZnJTNEJTNE&tld=annanmode.com&fu=https%253A%252F%252Fm.annanmode.com%252Fmember%252Flogin.html%253FnoMemberOrder%2526amp%253BreturnUrl%253Dhttps%253A%252F%252Fhalva-4you.ru%252F&ceid=62dd68cd-5ec3-4492-af9d-efe0625eab2a&dtycbr=26287

Request Chain 131

https://idm.skplanet.com/pixel?nid=2&uid=60690021.1706060867188&url=https%3A%2F%2Fapi.recopick.com%2Fv1%2Fidm%3Frecopick_uid%3D60690021.1706060867188%26dmp_uid%3D%25%25SKPDMP_UID%25%25%26dmp_err%3D%25%25SKPDMP_ERR%25%25%26nocache%3D1706060867329 HTTP 302
https://idm.skplanet.com/pixelb?new_dmp_uid=Y&nid=2&uid=60690021.1706060867188&url=https%3A%2F%2Fapi.recopick.com%2Fv1%2Fidm%3Frecopick_uid%3D60690021.1706060867188%26dmp_uid%3D%25%25SKPDMP_UID%25%25%26dmp_err%3D%25%25SKPDMP_ERR%25%25%26nocache%3D1706060867329 HTTP 302
https://api.recopick.com/v1/idm?recopick_uid=60690021.1706060867188&dmp_uid=(DMPC)b4a86f57-fe12-4a30-945d-c3fdf34b08c0&dmp_err=&nocache=1706060867329

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_cm&google_hm=ay1SeUU5bkN0UUNwektjVE5xYk8yOGZhYlZldkgxV2dSQjQ5SXlyUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_gid=CAESEOGBDm33IPTd0bOIIYUcpvM&google_cver=1&google_ula=913071,0

Request Chain 140

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4997256798920854802

Request Chain 150

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw&C=1

Request Chain 151

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv

Request Chain 169

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xIewRKmYehxbgGw4GmOQFpB6MVU0HFgi

193 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.html Show response
m.annanmode.com/member/ 130 KB
37 KB 1779ms
427ms Document
text/html 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

b027b018858523b7400b3effccdb4342a66a9c9d76c313a1ec3409854aa26733

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 01:47:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 24 Jan 2024 01:47:43 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-anigif: webp
x-cache: MISS
x-cache-valid: YES
x-content-type-options: nosniff
x-hits: 0
x-hrpcs-signal: 1
x-hrpcs-ttl: 300s
x-hurl: /member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/byannanmode1view_mobDEwebpagent_pc
x-iscacheurl: YES
x-ttl: 300.000
x-xss-protection: 1;mode=block

GET
H2 200 jquery-1.9.1.min.js Show response
m.annanmode.com/SkinImg/ 90 KB
32 KB 786ms
776ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/SkinImg/jquery-1.9.1.min.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: f7c9604c95debab0b31ea8a73098131c74024e5fae31e8849215609bf811e7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 07:56:34 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-hits: 60
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 32824
x-hurl: /SkinImg/jquery-1.9.1.min.jsbyannanmode1view_mob

GET
H2 200 font-awesome.min.css
m.annanmode.com/SkinImg/fontawesome/css/ 26 KB
6 KB 479ms
471ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/SkinImg/fontawesome/css/font-awesome.min.css
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: fefdb75b90b67b6ebaa87b535e142b1c0b83b90fc7d86a6e597215c6c5b6017b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 07:56:34 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-hits: 212
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 6079
x-hurl: /SkinImg/fontawesome/css/font-awesome.min.cssbyannanmode1view_mob

GET
H2 200 SMS_base.css
m.annanmode.com/SkinImg/ 51 KB
12 KB 598ms
591ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/SkinImg/SMS_base.css
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: a0a098e4d0cf6d0f265f986eb7f8208a39d941a08e8fe9d001471b6895b1de21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 09:00:15 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-hits: 326
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 11849
x-hurl: /SkinImg/SMS_base.cssbyannanmode1view_mob

GET
H2 200 SMS_standard_annanmode.css
m.annanmode.com/SkinImg/ 145 KB
25 KB 600ms
593ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: f0a8727e5c4167cc6ec4dc19fbaa532c6a3a7f12f66fc544b4372742e4e92368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 10:07:27 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
x-hits: 427
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 25262
x-hurl: /SkinImg/SMS_standard_annanmode.cssbyannanmode1view_mob

GET
H2 200 xeicon.min.css
cdn.jsdelivr.net/npm/xeicon@2.3.3/ 35 KB
8 KB 84ms
34ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/xeicon@2.3.3/xeicon.min.css

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d3a2a00ea506e0761defc9c27e05ff087c0f932e15fbc5e5d61c33a78c2b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4647110
x-jsd-version: 2.3.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230125-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"8d78-PbmlkAY03FYSFMaA5teYyx8nbiI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO10HSXeTQp6BSRBX2OkoMEcHqEEiSVVNHI8gIULZCXKOUIqqQJr1UjFZ3JlNQYvOIs4rW%2F5lB6rtc7CLGCwMsG9IY%2BSrOgcN%2BGsQSGutT6P86qY1qOuI3bn8oCJMifgE3uNbmjLNpfQJ99%2B8sA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84a49c2c0dd1bb43-FRA

GET
H2 200 css2
fonts.googleapis.com/ 769 B
795 B 80ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300&display=swap

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

388ed79430f5ef5c5f78f0cbebec573610bd0824cb5ff1fe698b3ba433175a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 01:34:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 01:47:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109755209-1

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7142171e55b996893be1bf0349c55d286825a4cfdd09e7d692e1c2a039ced056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69396
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:11:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 01:47:44 GMT

GET
H2 200 cid.generate.js Show response
m.annanmode.com/app/Eclog/js/ 9 KB
3 KB 903ms
899ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/app/Eclog/js/cid.generate.js?vs=1c068d2cedfde52eca836c456aba7fcf&u=byannanmode.1
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 39bf82b97b4ed560fd147cce21860281e92ed35e754959accb2e318da21e1b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 00:48:49 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-hits: 169
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2359
x-hurl: /app/Eclog/js/cid.generate.js?vs=1c068d2cedfde52eca836c456aba7fcf&u=byannanmode.1byannanmode1view_mob

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 23 KB
8 KB 118ms
28ms Script
application/javascript 23.48.23.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-45.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:29:59 GMT
Server: nginx
ETag: "65ae1977-5b74"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=863
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7637
Expires: Wed, 24 Jan 2024 02:02:06 GMT

GET
H2 200 jet.js Show response
optimizer.poxo.com/jet/ 91 KB
92 KB 641ms
25ms Script
application/javascript 2600:9000:236e:b400:f:9b8:8140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimizer.poxo.com/jet/jet.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:b400:f:9b8:8140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bb002acec34fd0a15f9b2d7e608fd93e57bf419633a565e080813e597fe284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:24:44 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 69781
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 93452
x-amz-meta-server-side-encryption: AES256
last-modified: Tue, 10 Oct 2023 11:38:16 GMT
server: AmazonS3
etag: "c9cb019c0e6d01652ed0e6d3b8ce5217"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
accept-ranges: bytes
x-amz-cf-id: VfbIP-XQOepcMPTzi3iWsQfNp_2g95BML8I4ly_fsuv24pB5HdL7yQ==

GET
H2 200 optimizer.php
m.annanmode.com/ind-script/ 9 KB
3 KB 610ms
606ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/optimizer.php?filename=nc1LCoAwDIThfXHrOYLeqC3xAU2mpCno7RW8gHQ7zMdPB4RpWY2qYbcoZNzQLTPl1mgzqFOGCHR6h5n-_DmHhtL9hIaEaxB299FoiTfbGPWYCg9S1FBO5ZCi6td_AA&type=css&k=37c9481ac0212340e132f81eba4d1049fee7f18e&t=1681776733

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

8dd5c5463a2ec67c817b73a156f67e735e3927fa649c282dc3b26341ff342325

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
content-length: 2237
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer.php?filename=nc1LCoAwDIThfXHrOYLeqC3xAU2mpCno7RW8gHQ7zMdPB4RpWY2qYbcoZNzQLTPl1mgzqFOGCHR6h5n-_DmHhtL9hIaEaxB299FoiTfbGPWYCg9S1FBO5ZCi6td_AA&type=css&k=37c9481ac0212340e132f81eba4d1049fee7f18e&t=1681776733byannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Tue, 18 Apr 2023 00:12:13 GMT
server: openresty
x-ttl: 300.000
etag: "a8c0b7521c11ee4e2444deba3b32a3b30fcb53b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:43 GMT

GET
H2 200 optimizer_user.php
m.annanmode.com/ind-script/ 36 KB
7 KB 609ms
606ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/optimizer_user.php?filename=tZI7DgMhEEP7JW3OMUWq3CBV7sDHWpAYBjFQcPugzRXY0i6eLcsUhUHwZiiakpu2FFtYAqgOl5M3sXMmDTABms5CLC5lvN7kVZcII4MY7NAoy5nKY_lP2oOdGqWStID2Sdqlza9sCcl2yujkrCZ_JXphlv3Yv7Ed60bvN7Stdk1rO7aD4Y8lcETkehu8tvUaf439Aw&type=css&k=3979f6dd0ff66f1b503e62ab3cdaf51c3feac7d9&t=1703653005&user=T

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

260a15f51cf89f393427f3d4bcf873f568032f5376fe3a3d5e72aa756df7903e

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:43 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
content-length: 6542
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer_user.php?filename=tZI7DgMhEEP7JW3OMUWq3CBV7sDHWpAYBjFQcPugzRXY0i6eLcsUhUHwZiiakpu2FFtYAqgOl5M3sXMmDTABms5CLC5lvN7kVZcII4MY7NAoy5nKY_lP2oOdGqWStID2Sdqlza9sCcl2yujkrCZ_JXphlv3Yv7Ed60bvN7Stdk1rO7aD4Y8lcETkehu8tvUaf439Aw&type=css&k=3979f6dd0ff66f1b503e62ab3cdaf51c3feac7d9&t=1703653005&user=Tbyannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Wed, 27 Dec 2023 04:56:45 GMT
server: openresty
x-ttl: 300.000
etag: "9c661e03320b749cb99193006d31fc2e16c393f4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:43 GMT

GET
H2 200 keepgrow-service_50875f61-e61a-475f-bcaf-4ce4458bbbe4.js Show response
storage.keepgrow.com/admin/keepgrow-service/ 17 KB
18 KB 373ms
24ms Script
application/javascript 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.keepgrow.com/admin/keepgrow-service/keepgrow-service_50875f61-e61a-475f-bcaf-4ce4458bbbe4.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbaec82a37593d73f3f5805f404875fc43af9fe6f6cac6a0a17bcc7a896917c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: iTwNQy1yR3r5nbD_0fDuRv9t2FG_Zaz3
date: Tue, 23 Jan 2024 08:44:05 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Mon, 18 Sep 2023 03:02:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61419
x-amz-server-side-encryption: AES256
etag: "b6d039fc4dc64c709774a46254d5c815"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 17748
x-amz-cf-id: wXZ6a2ZlA3phDfgnx7QfMLF_4ppAUbAI-zxqQ8SXl3iOM7MsEyUgdg==

GET
H2 200 b_ka.png
m.annanmode.com/web/upload/ 7 KB
7 KB 607ms
605ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/web/upload/b_ka.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: ef9546bbb3aa4412b0bf0fd072953006c14a0f97f7318e5c4466d4eeabf6b0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 21:27:52 GMT
date: Wed, 24 Jan 2024 01:47:43 GMT
last-modified: Wed, 14 Feb 2018 09:56:10 GMT
server: openresty
x-ttl: 7200.000
x-hits: 60
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 7231
x-hurl: /web/upload/b_ka.pngbyannanmode

GET
H2 200 b_top.png
m.annanmode.com/m-um/ 3 KB
3 KB 607ms
605ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/b_top.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 94e7960c543cd9fbd6379a94e3043733f90b47b4ad16a710346c47f95e140801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 17:27:00 GMT
date: Wed, 24 Jan 2024 01:47:43 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 55
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 3289
x-hurl: /m-um/b_top.pngbyannanmode1view_mob

GET
H2 200 b_bottom.png
m.annanmode.com/m-um/ 3 KB
3 KB 682ms
681ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/b_bottom.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: a0cb6786a44d4435d953644bf2a1a9fff74c8b739d31809fc289861d9f741c7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 17:27:00 GMT
date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 55
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 3116
x-hurl: /m-um/b_bottom.pngbyannanmode1view_mob

GET
H2 200 logo.png
m.annanmode.com/m-um/ 10 KB
10 KB 682ms
682ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/logo.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: a3799b68416f0e0a806f9f77884f448a991fd8a6c2139d58638622479762a0a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 17:27:00 GMT
date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 57
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 10302
x-hurl: /m-um/logo.pngbyannanmode1view_mob

GET
H2 200 basket_t.png
m.annanmode.com/m-um/ 2 KB
2 KB 640ms
636ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/basket_t.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 1f7633fc4a5200255ee107b1ca44374e6e2ecd939da8220f843ad010ad3e01f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 05:43:02 GMT
date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 6
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2118
x-hurl: /m-um/basket_t.pngbyannanmode1view_mob

GET
H2 200 search_t.png
m.annanmode.com/m-um/ 3 KB
3 KB 640ms
639ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/search_t.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: a14cbb010a0e7d8425c7da3046665c9c5f208edee64c6166d3138db6f76d57a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 17:27:00 GMT
date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 58
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2659
x-hurl: /m-um/search_t.pngbyannanmode1view_mob

GET
H2 200 img_keyboard.png
img.echosting.cafe24.com/skin/mobile_ko_KR/member/ 11 KB
11 KB 154ms
54ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile_ko_KR/member/img_keyboard.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ef07f3dbbf910c2a39c01c7674bd33adbe7b2cdade522bd51fc3f353af76857b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Tue, 15 Dec 2015 08:04:31 GMT
server: AkamaiNetStorage
etag: "7a6154abc1a5ad5916dc61f27743b369:1562036686.373445"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 11162

GET
H2 200 img_keyboard_special.png
img.echosting.cafe24.com/skin/mobile_ko_KR/member/ 4 KB
5 KB 146ms
47ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile_ko_KR/member/img_keyboard_special.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40e528826d57846f7de64215f54865cec19b8235a4dd0d6f725652d230d2f025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Wed, 13 Aug 2014 01:12:45 GMT
server: AkamaiNetStorage
etag: "16a38fd22e2f253841a159439cd0a4ba:1562036686.630192"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4559

GET
H2 200 ico_ssl.png
img.echosting.cafe24.com/skin/mobile_ko_KR/member/ 2 KB
2 KB 144ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile_ko_KR/member/ico_ssl.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 29af8dc03c14140acbeafc1cd9c088ba967314b6e9c09163927c5e36ccf7ca5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
last-modified: Wed, 13 Aug 2014 01:12:45 GMT
server: AkamaiNetStorage
etag: "b7aa7d4ce8c8a57cec9cae284e923e54:1562036685.670116"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1650

GET
H2 200 byapps.js Show response
m.annanmode.com/js/ 10 KB
3 KB 640ms
637ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/js/byapps.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 182c92dc0256db9aaf69da4efa99d911cdfe547974b302bcf1b3a06acf2a12e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
last-modified: Tue, 17 Jan 2023 07:43:32 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-hits: 5
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2873
x-hurl: /js/byapps.jsbyannanmode1view_mob

GET
H/1.1 200
OK byapps_MA_sdk.3.x.php Show response
malog.byapps.co.kr/js/ 7 KB
8 KB 2338ms
266ms Script
text/html 115.68.78.52
SMILESERV-AS-KR S...

General

Check archive.org

Show headers Download Go to

Full URL: https://malog.byapps.co.kr/js/byapps_MA_sdk.3.x.php?mid=annanmode
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 115.68.78.52 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
Software: nginx/1.25.3 / PHP/7.4.33
Resource Hash: 37a905a49e746668a0eadab1a32cbb454c9daf03637f14638e596c8c601cd7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
server: nginx/1.25.3
x-powered-by: PHP/7.4.33
transfer-encoding: chunked
access-control-max-age: 3628800
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 SMScustomJs_annanmode.js Show response
m.annanmode.com/SkinImg/ 264 KB
51 KB 641ms
638ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/SkinImg/SMScustomJs_annanmode.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 69a2de0fd28f14c641e37b071794b5a0c22dc0fc9eb33de52b4ccedcf3f164fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 11:34:54 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-hits: 140
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 51681
x-hurl: /SkinImg/SMScustomJs_annanmode.jsbyannanmode1view_mob

GET
H2 200 swiper.js Show response
m.annanmode.com/js/ 138 KB
35 KB 640ms
637ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/js/swiper.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
last-modified: Mon, 06 Sep 2021 08:13:00 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-hits: 135
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 35908
x-hurl: /js/swiper.jsbyannanmode1view_mob

GET
H/1.1 200
OK AuthSSLManager.js Show response
login2.cafe24ssl.com/crypt/ 5 KB
5 KB 1158ms
302ms Script
application/javascript 61.74.67.204
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://login2.cafe24ssl.com/crypt/AuthSSLManager.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.74.67.204 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: nginx /
Resource Hash: 399f942cc739d9681501935cff722744e61477165db86bfff5fdd7a4b198b777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:44 GMT
Last-Modified: Wed, 07 Sep 2011 01:11:00 GMT
Server: nginx
ETag: "5400e5-12f3-4ac4f9dff7100"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4851

GET
H/1.1 200
OK AuthSSLManager.plugin.js Show response
login2.cafe24ssl.com/crypt/ 2 KB
2 KB 1150ms
300ms Script
application/javascript 61.74.67.204
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://login2.cafe24ssl.com/crypt/AuthSSLManager.plugin.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.74.67.204 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: nginx /
Resource Hash: 932f8c25f1bb080962df4e0c2c9f26a80b09d8d7930293d58e8ac28cc59c21c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:44 GMT
Last-Modified: Wed, 07 Sep 2011 01:11:42 GMT
Server: nginx
ETag: "4407a-78a-4ac4fa0804f80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1930

GET
H2 200 ld.js Show response
static.criteo.com/js/ld/ 46 KB
15 KB 346ms
71ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.com/js/ld/ld.js

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 10 Oct 2023 15:11:46 GMT
server: nginx
etag: W/"652569b2-b614"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 25 Jan 2024 01:47:44 GMT

GET
H2 200 kp.js Show response
t1.daumcdn.net/kas/static/ 63 KB
16 KB 595ms
31ms Script
text/javascript 2a02:26f0:3100::1735:2899
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/kas/static/kp.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2899 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 74cdf403328e05d3e0396d654cf9e5b9a6f7abb040f13b2bdcbc296fe7ef89d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 06:41:10 GMT
server: openresty
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary: Accept-Encoding
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type: text/javascript
cache-control: max-age=1147
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDQ6bWlzczoxMA==
accept-ranges: bytes
content-length: 16370
expires: Wed, 24 Jan 2024 02:06:51 GMT

GET
H2 200 kp.js Show response
t1.daumcdn.net/adfit/static/ 63 KB
16 KB 592ms
28ms Script
text/javascript 2a02:26f0:3100::1735:2899
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/adfit/static/kp.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2899 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 74cdf403328e05d3e0396d654cf9e5b9a6f7abb040f13b2bdcbc296fe7ef89d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 06:41:08 GMT
server: openresty
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary: Accept-Encoding
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type: text/javascript
cache-control: max-age=1420
x-wcss: dC1jb21tb24wMS1id2NhY2hlNzU6aGl0OjA=
accept-ranges: bytes
content-length: 16370
expires: Wed, 24 Jan 2024 02:11:24 GMT

GET
H2 200 kakao.min.js Show response
t1.kakaocdn.net/kakao_js_sdk/v1/ 111 KB
36 KB 1047ms
28ms Script
application/javascript 2a02:26f0:3100::1735:2868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2868 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 06:58:54 GMT
server: openresty
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3423
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzA6MDpjaHR0cDoxMQ==
accept-ranges: bytes
content-length: 36802
expires: Wed, 24 Jan 2024 02:44:48 GMT

GET
H2 200 i18n.php Show response
m.annanmode.com/ind-script/ 1 MB
259 KB 640ms
638ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/i18n.php?lang=ko_KR&domain=front&v=2401191277

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

4c9c6eb47856d442f45cf046b66d2cc2c2e433ec90ffd1b423102439ee72f773

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 3600s
date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/i18n.php?lang=ko_KR&domain=front&v=2401191277byannanmode1view_mobDEwebpagent_pc
pragma: cache
server: openresty
x-ttl: 3600.000
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
x-anigif: webp
accept-ranges: bytes
expires: Wed, 31 Jan 2024 01:47:44 GMT

GET
H2 200 optimizer.php Show response
m.annanmode.com/ind-script/ 1 MB
258 KB 945ms
943ms Script
text/javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P9NrvUNMWRV8Tp2mDOFgjl-7ziBpJjCgOy4sd7dd3JHvb9SaWJdEBCgO2LPEcjoZnLmRaUYPpxU82LSw0uCFbpxYdBSswfXGpvPhNJy_uh3RoXJAGRJ2-_B3Qtrufn5Nfkx8nIvHVo9Wg3O5GIohqibEswapZr5CgSAo9G6pJkC6UFH4WxUXyC39mTc5PPdnv_GYslYzfW90cPHrJAxoepX2K4r6_-Cx99fTlGjwkjdQTeJTMGIVPfH0c5YyV2hcj6EmEzqwbss2CtLekFNrjuJUK7tKYKyvzcoQ9wUt1fFRhqffUmSPFCNJnnsyZkhrPMtB6jF1bCkFNQ3rs6FfQHI2apW0s-vGz9DiPjVG8Lu-DwJj0njKpMH34Br-1b8ArB3AN5YFvuY000yYsghadQ7txeeCwaQ6KeCzDgBEs1fR5Gz3fUij40iqCfBKoCR66eT9lDu360OIcABtSbSHVaOnlWEBQvnOBa8D6q3dUNz1JZqXsQf-PlJ1zAtGOPepimRCc1GUsS4Me8i4dHlTjY0Vmb1lv-sW6gxoorbvvlXxFNZSLBmgWfSw-D4biAeg1ZqGcjHIIVlSTdOyhKNq39eKos40KpeQktQYl2cdkvzr93xsJX4CLpu1WVefuLT0zGJYaftwMFSqDH_4eFehcTU4FEybg1CZ5jT-Mn9OgP5mbFAng-lDT8cT6nwVT4-QBC7SoBS6C7X7blZXi9B3rXt3DJkO7Zwu4Vou06R9cdtePsMbbfBLHFr2k8lDDdxx3h2hmYP_qVbUt5zPgj98XiVGoB_TB6mc7ouxeBl89Pi4HJgEN5X4nssFMUTkpf35VUOpYaufmrY4m4cXu33nBTTP4WEtORTOux658o7jfl16iOz56YVvj6Q7bSSu0jZn-ezZuK6XZ8E82Ryu0n01wBa5GH88wILbRHKtdyz2XZUGBi3DMu9xz_oBy_ntcoyEn58__WbpqKV0cgaAQ4QKLAiPgDz28xparVR7J8kQe1CLqbfr4mC9L1FjI2NBYQhthwx8W8vmC5MJDnHSl6Gm4A9nMjw3eMcoVmWDmB2hwbA5aDvS1jFmY-3Ypa9zliziF7FFFxd5SrlFJXZOOk-ufsjt7a08g_B3TE2Qn4bn12ER5qCe75o2wVLe6oPk6UiAbyBRGWGTAV5YUno_o3I8t_MHDngNgM6PQbRuFc3Wku34LdJuEdzFqKNp-3-0e9k_C-t0JP3bCSuMnoruDhvSy2_UYFP2hYwFDDcK7JHuZzJjFyONOS8HjjXzlkf8A&type=js&k=d7c18f09cfe7ce87fccdc53387d7966142541d75&t=1702944417

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

888d75aecd5176a84f63277535516ba6ac90c0684e2b092cb16b06a1ad01b8e2

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
content-length: 262237
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer.php?filename=zVjbbuM2EH1P9NrvUNMWRV8Tp2mDOFgjl-7ziBpJjCgOy4sd7dd3JHvb9SaWJdEBCgO2LPEcjoZnLmRaUYPpxU82LSw0uCFbpxYdBSswfXGpvPhNJy_uh3RoXJAGRJ2-_B3Qtrufn5Nfkx8nIvHVo9Wg3O5GIohqibEswapZr5CgSAo9G6pJkC6UFH4WxUXyC39mTc5PPdnv_GYslYzfW90cPHrJAxoepX2K4r6_-Cx99fTlGjwkjdQTeJTMGIVPfH0c5YyV2hcj6EmEzqwbss2CtLekFNrjuJUK7tKYKyvzcoQ9wUt1fFRhqffUmSPFCNJnnsyZkhrPMtB6jF1bCkFNQ3rs6FfQHI2apW0s-vGz9DiPjVG8Lu-DwJj0njKpMH34Br-1b8ArB3AN5YFvuY000yYsghadQ7txeeCwaQ6KeCzDgBEs1fR5Gz3fUij40iqCfBKoCR66eT9lDu360OIcABtSbSHVaOnlWEBQvnOBa8D6q3dUNz1JZqXsQf-PlJ1zAtGOPepimRCc1GUsS4Me8i4dHlTjY0Vmb1lv-sW6gxoorbvvlXxFNZSLBmgWfSw-D4biAeg1ZqGcjHIIVlSTdOyhKNq39eKos40KpeQktQYl2cdkvzr93xsJX4CLpu1WVefuLT0zGJYaftwMFSqDH_4eFehcTU4FEybg1CZ5jT-Mn9OgP5mbFAng-lDT8cT6nwVT4-QBC7SoBS6C7X7blZXi9B3rXt3DJkO7Zwu4Vou06R9cdtePsMbbfBLHFr2k8lDDdxx3h2hmYP_qVbUt5zPgj98XiVGoB_TB6mc7ouxeBl89Pi4HJgEN5X4nssFMUTkpf35VUOpYaufmrY4m4cXu33nBTTP4WEtORTOux658o7jfl16iOz56YVvj6Q7bSSu0jZn-ezZuK6XZ8E82Ryu0n01wBa5GH88wILbRHKtdyz2XZUGBi3DMu9xz_oBy_ntcoyEn58__WbpqKV0cgaAQ4QKLAiPgDz28xparVR7J8kQe1CLqbfr4mC9L1FjI2NBYQhthwx8W8vmC5MJDnHSl6Gm4A9nMjw3eMcoVmWDmB2hwbA5aDvS1jFmY-3Ypa9zliziF7FFFxd5SrlFJXZOOk-ufsjt7a08g_B3TE2Qn4bn12ER5qCe75o2wVLe6oPk6UiAbyBRGWGTAV5YUno_o3I8t_MHDngNgM6PQbRuFc3Wku34LdJuEdzFqKNp-3-0e9k_C-t0JP3bCSuMnoruDhvSy2_UYFP2hYwFDDcK7JHuZzJjFyONOS8HjjXzlkf8A&type=js&k=d7c18f09cfe7ce87fccdc53387d7966142541d75&t=1702944417byannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Tue, 19 Dec 2023 00:06:57 GMT
server: openresty
x-ttl: 300.000
etag: "877bd77fba5124bce61353af6b2689efb972d940"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:44 GMT

GET
H2 200 optimizer_user.php Show response
m.annanmode.com/ind-script/ 10 KB
4 KB 944ms
943ms Script
text/javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/optimizer_user.php?filename=pc27EcMwDATRAqjUdVzgyOXwc0NRAxAeggzUvaQW7Gyjt9hNCeawnMORzth77GqF-K4kLYd9qsALQ6G32qGWmvD9weF3lyWEUhMHxGrr2-Ev_I5KPG1NpOgtP4dsqvYvmpdP04eLdZC3dgE&type=js&k=38a24a776e207407292a217952344e1b7a5728f5&t=1695020820&user=T

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

9afaa278ea0e074ecd69f4aed8c558bcd645c220bcd8e1bdbc7b82fe3fb1ec4f

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
content-length: 3788
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer_user.php?filename=pc27EcMwDATRAqjUdVzgyOXwc0NRAxAeggzUvaQW7Gyjt9hNCeawnMORzth77GqF-K4kLYd9qsALQ6G32qGWmvD9weF3lyWEUhMHxGrr2-Ev_I5KPG1NpOgtP4dsqvYvmpdP04eLdZC3dgE&type=js&k=38a24a776e207407292a217952344e1b7a5728f5&t=1695020820&user=Tbyannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Mon, 18 Sep 2023 07:07:00 GMT
server: openresty
x-ttl: 300.000
etag: "1aec61f1e6a5fab9e98aa4fb7c71bab190779c20"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 717 B
466 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 01:38:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 01:47:44 GMT

GET
H2 200 production.min.js Show response
static.recopick.com/dist/ 54 KB
55 KB 114ms
37ms Script
application/javascript 18.245.60.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.recopick.com/dist/production.min.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70f0ecc878b279d5143ec1fce7ce30836aa5c34e6c1d71321e9ab114b8dbb4a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:43:10 GMT
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jan 2024 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 68674
x-amz-server-side-encryption: AES256
etag: "f527140f065f7c11dbe037b3506bb00f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 55516
x-amz-cf-id: KeeDGD5YOkHeNQSZjfBCIkjPyrhjMw0GwyQki0h_ryaZLb6QQeelAQ==

GET
H2 200 kg_kakaosync_8afd74f5-7043-4a6b-8ecd-238fdb32495c.js Show response
storage.keepgrow.com/admin/kakaosync/ 9 KB
9 KB 24ms
24ms Script
application/javascript 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.keepgrow.com/admin/kakaosync/kg_kakaosync_8afd74f5-7043-4a6b-8ecd-238fdb32495c.js
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/keepgrow-service/keepgrow-service_50875f61-e61a-475f-bcaf-4ce4458bbbe4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a4664dfeeddafe56a17d6e53c6fe3dd27aefc359dceaf8f7c8621bba26c1ef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: G0ybeICvCgjQlqp5Z0XLmJXcwDF9nTrS
date: Tue, 23 Jan 2024 08:44:38 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jan 2024 05:48:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61387
x-amz-server-side-encryption: AES256
etag: "57c24dabcf57ef9f3d67d1b678733f90"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9209
x-amz-cf-id: kQ6zTQ3WiJlOB4iSM-XvbYs6yo36AgKqZONvjFFIKJLdgPA1J5CztQ==

GET
H2 404 bdTwqfBUWXPHNS8qTNHcsNMy.js
m.annanmode.com/web/upload/dfloor_apps/banner/ 0
0 941ms
940ms Script
text/html 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/web/upload/dfloor_apps/banner/bdTwqfBUWXPHNS8qTNHcsNMy.js?v=0.4502673433026878
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
server: openresty
x-hits: 0
x-cache: MISS
content-type: text/html
x-anigif: webp
content-length: 552
x-hurl: /web/upload/dfloor_apps/banner/bdTwqfBUWXPHNS8qTNHcsNMy.js?v=0.4502673433026878byannanmode

GET
H2 200 kg_kakaosyncInit_pc.js Show response
storage.keepgrow.com/admin/kakaosync/init/ 44 KB
44 KB 29ms
29ms Script
application/javascript 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.keepgrow.com/admin/kakaosync/init/kg_kakaosyncInit_pc.js
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/kg_kakaosync_8afd74f5-7043-4a6b-8ecd-238fdb32495c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e2d07d2cb32d7d836521305c66e9d452761e54a55d26702d557668aeddca19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: WCONA2nzbw.8c2Sofcte.pnCrJlc5uRh
date: Tue, 23 Jan 2024 06:38:23 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 04:09:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 68962
x-amz-server-side-encryption: AES256
etag: "218910ff4b200fbd5e1ad640ecf24427"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 44736
x-amz-cf-id: WqzMRmGk-wh7Sgx1Gdhjoscpru6zSacfO7Ghoi9R0YrimLGWmwvW5g==

GET
H2 200 kg_kakaosyncStyle_pc.css
storage.keepgrow.com/admin/kakaosync/css/ 20 KB
21 KB 25ms
25ms Stylesheet
text/css 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/kg_kakaosync_8afd74f5-7043-4a6b-8ecd-238fdb32495c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ed80ff897e6bf92a18359e6954c0787a6ae4e687f8335e277cac6e9cab21f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: oJISuId5STCFfxE9KINdC9wU2I1A2Ila
date: Tue, 23 Jan 2024 06:47:47 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 04:09:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 68398
x-amz-server-side-encryption: AES256
etag: "78c8b54ab163aba02792e1a3f9282c93"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 20820
x-amz-cf-id: IlvMtPWYJZQlkWbKzWvOdXshg9kK_V8wDKQGEZElhlUVab2BzlM8dw==

GET
H3 200 css2
fonts.googleapis.com/ 374 KB
92 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Requested by

Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b416f54960c9aaf84eb52b93bebae5c28365bd29496bd8f7482b8da229b5346c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 01:47:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 01:47:44 GMT

GET
H2 200 1688107014259.png
storage.keepgrow.com/b05111a361154013822074da016e245a/processes/ 6 KB
7 KB 26ms
25ms Image
image/png 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/b05111a361154013822074da016e245a/processes/1688107014259.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb61ae019f5d7f280152f89681544d7fbef4e1f49f9a6f22e87cca4bcc2c7752

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:17:37 GMT
x-amz-version-id: zJqAu1uJ0NDq6kQPHhYqZ72K2gHnAUr1
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Fri, 30 Jun 2023 06:36:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 34207
etag: "a0761a7b9be1246080de34de95d141a6"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6408
x-amz-cf-id: qoPQH8bJ4Jml5GgCBga69akmKyMgsr2eOsj89yfzlhlc-cxwbsVs1g==

GET
H2 200 1615797770065.jpg
storage.keepgrow.com/b05111a361154013822074da016e245a/processes/ 28 KB
28 KB 23ms
22ms Image
image/jpeg 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/b05111a361154013822074da016e245a/processes/1615797770065.jpg
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90bf2b274ce0c3c273000de7c5f43570557a670a9056e4c603e30e85d67abec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 1ktX50m1WFC.8mLmLOPNPV9IF_djmYpY
date: Wed, 24 Jan 2024 00:21:53 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Mon, 15 Mar 2021 08:42:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 5152
etag: "db0b00cc4d891fb313fa1a47b56f45d2"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 28710
x-amz-cf-id: _w-5XoWYNcNKjaIwJ7k0kU3wdE0FuoOyMCD3MIxEgx2Hz4X4ss4lTw==

GET
H2 200 20231012052200390.gif
storage.keepgrow.com/admin/ 7 MB
7 MB 23ms
22ms Image
image/gif 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20231012052200390.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17b214b4e252dff5b5e023943c9d0e686579aaa1e15f1074b80fb79224436367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: bnULzEZcXC0RWpQ_7GSWv2xlBQBdyX3N
date: Tue, 23 Jan 2024 05:28:40 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 05:22:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 73309
x-amz-server-side-encryption: AES256
etag: "bcef76dd29150b77a0fcdf7b061081dc"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 7321317
x-amz-cf-id: j8iqpphFLFXJNk32ifdJXoykLWM1JUR3JZK_xps1-65OW-6m_P2qaw==

GET
H2 200 20231012052222331.png
storage.keepgrow.com/admin/ 814 KB
816 KB 24ms
24ms Image
image/png 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20231012052222331.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22fb1da959aa34531d6a03ec942e42e51973b25e90ac722dbbf4a6dc2013714a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: .Roe.HaWd3Cb0Ju_NwK8_zBVtQZTVdBg
date: Tue, 23 Jan 2024 13:09:30 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 05:22:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 46271
x-amz-server-side-encryption: AES256
etag: "375189963b0269e17e0ea7dcecb4236e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 833917
x-amz-cf-id: sYiFtqQHy0Sz2R_uO4-QEeutvJVQQFnGH1XUQ677ZzySsQJfckRSHQ==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 123084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 15:36:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPZ9YE2TZX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109755209-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

caa8a3e37f2e506a4b7a37d3f07b944b913267e7d52b2a3014ab98415946f801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 01:47:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
70ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109755209-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7175
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jan 2024 01:48:09 GMT

GET
H2 200 20230625233259293.png
storage.keepgrow.com/admin/ 357 B
742 B 68ms
65ms Image
image/png 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20230625233259293.png
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d89570e3c368362cfa868b839ee66421e2e5b77af40ee28b9c8f2291d152c2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qP2odj0lldNn37.KHXLHD3SUFgh4hx0W
date: Tue, 23 Jan 2024 05:28:41 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 23:33:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 73309
x-amz-server-side-encryption: AES256
etag: "da92910c442a40b10b2a1961810476e3"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 357
x-amz-cf-id: XFNsL0uIBHYedO-_8lQaaFiyy_OtSLSIJw7xuHKe625-6MqnyG6ODA==

GET
H2 200 20230625234558976.png
storage.keepgrow.com/admin/ 486 B
879 B 68ms
66ms Image
image/png 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20230625234558976.png
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8998313b74281b57426a8401eeefbfa8f2c57d06ee1f4be0113861342f071c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5yiD3ke0S.2Ux..IWoWeFojGGcGqeaZa
date: Tue, 23 Jan 2024 04:09:53 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Sun, 25 Jun 2023 23:46:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 77872
x-amz-server-side-encryption: AES256
etag: "18f2fcc08e9c574284fcc4a9def14407"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 486
x-amz-cf-id: rnkqwFQxg9pjNCOCeKf0EuKswUgO2gqOjFv3Sa61QVTT08mDUuyBng==

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 25ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:38:23 GMT
x-content-type-options: nosniff
age: 18561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16700
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 20:38:23 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 41ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 23:02:03 GMT
x-content-type-options: nosniff
age: 96341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14504
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:19:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 23:02:03 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2
fonts.gstatic.com/s/notosanskr/v36/ 25 KB
25 KB 30ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5CgmG0X7t.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:28:04 GMT
x-content-type-options: nosniff
age: 368380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25948
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:36:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 19:28:04 GMT

GET
H2 200 20200611043456590.svg
storage.keepgrow.com/admin/campaign/ 300 B
671 B 68ms
66ms Image
image/svg+xml 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/campaign/20200611043456590.svg
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32805bc07abd36124605ffcf00c3cb96ec1b2d49015c810cda213eae8ac81ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Nm9WF5cDbqxLHitUfPEvABVPzcYR2iHO
date: Tue, 23 Jan 2024 13:08:39 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 04:37:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 45546
etag: "243eb30d36426194e3248b39f839d60e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 300
x-amz-cf-id: -AZJc3VWli3opPyU52pH58neBUak0eyfnkZ68FbOFZJ5OeKdXeN3Bg==

GET
H2 200 20230627004811200.svg
storage.keepgrow.com/admin/ 253 B
652 B 67ms
66ms Image
image/svg+xml 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20230627004811200.svg
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3fde8d6d0a717a371c6195411c563abf9c1e4cce5c61ff7dd905a6acdbdd2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: tUdzK__bekK1UWwyMHR9GyH3LZtoB4J1
date: Tue, 23 Jan 2024 07:43:32 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 00:48:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 65052
x-amz-server-side-encryption: AES256
etag: "4281aaa5143660ed0f09120bd9fa7d6f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 253
x-amz-cf-id: jGqm_K08uJ3AKxAKmGG0emQbQLu_GvLgEmVt4JEFJMrDjXhQRskm_g==

GET
H2 200 20230203104013439.png
storage.keepgrow.com/admin/ 277 B
672 B 67ms
66ms Image
image/png 18.245.86.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.keepgrow.com/admin/20230203104013439.png
Requested by: Host: storage.keepgrow.com
URL: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b27f074839b488971b488a220304026eea138032d8813f3d97742e4bdabb05d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://storage.keepgrow.com/admin/kakaosync/css/kg_kakaosyncStyle_pc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: GAKC562nw_LVOirbv3aowP5pRLzCkCCy
date: Tue, 23 Jan 2024 03:04:04 GMT
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 10:40:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 81820
x-amz-server-side-encryption: AES256
etag: "4cffe2d4bcc4b93bea0e64583589a859"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 277
x-amz-cf-id: sFhu58g3JkLF0XWPrR-_4J0XhYxHfDVyqEsTmPH5olPha1S689Bhog==

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
fonts.gstatic.com/s/notosanskr/v36/ 14 KB
14 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:35:13 GMT
x-content-type-options: nosniff
age: 7951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14328
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:22:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:35:13 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 51ms
50ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:02:10 GMT
x-content-type-options: nosniff
age: 92734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16140
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:21:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 00:02:10 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 71ms
69ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d9347ee436bce21bc7e27c564113e3ab9f19fb39abce8fe57126481389a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:41:58 GMT
x-content-type-options: nosniff
age: 7546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16312
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:41:58 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2
fonts.gstatic.com/s/notosanskr/v36/ 17 KB
17 KB 58ms
57ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:38:23 GMT
x-content-type-options: nosniff
age: 18561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17332
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:42:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 20:38:23 GMT

GET
H2 200 PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2
fonts.gstatic.com/s/notosanskr/v36/ 16 KB
16 KB 67ms
66ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanskr/v36/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+KR:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.annanmode.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:27:55 GMT
x-content-type-options: nosniff
age: 440389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15968
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:27:55 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 93ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EPZ9YE2TZX&gtm=45je41m0h2v9125792639&_p=1706060864251&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1367821912.1706060864&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1706060864&sct=1&seg=0&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2980
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPZ9YE2TZX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 29ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1419494407&t=pageview&_s=1&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&ul=en-us&de=UTF-8&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=133462181&gjid=1034406109&cid=1367821912.1706060864&tid=UA-109755209-1&_gid=96583092.1706060865&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&jsscut=1&z=1542505564

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ 23 KB
8 KB 29ms
28ms Script
application/javascript 23.48.23.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-45.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:29:59 GMT
Server: nginx
ETag: "65ae1977-5b74"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=861
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7637
Expires: Wed, 24 Jan 2024 02:02:06 GMT

GET
H2 200 close.gif
m.annanmode.com/SkinImg/img/ 2 KB
2 KB 926ms
925ms Image
image/gif 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/SkinImg/img/close.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 01f689be7001469ec24b50b6b1d2ccdaffc6af6c34120167f9a80ec832bfa37a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 22:03:24 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:37 GMT
server: openresty
x-ttl: 7200.000
x-hits: 302
x-cache: HIT
content-type: image/gif
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 1712
x-hurl: /SkinImg/img/close.gifbyannanmode1view_mob

GET
H2 200 down_arr.png
m.annanmode.com/SkinImg/img/ 1 KB
2 KB 926ms
925ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/SkinImg/img/down_arr.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: d4edcf187ca40e953bdaca2bc3ac27925e36b09353602b65a13125ffdca543cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 18:14:54 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:36 GMT
server: openresty
x-ttl: 7200.000
x-hits: 264
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 1405
x-hurl: /SkinImg/img/down_arr.pngbyannanmode1view_mob

GET
H2 200 menu_t.png
m.annanmode.com/m-um/ 513 B
787 B 926ms
926ms Image
image/png 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/m-um/menu_t.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 31c4382630804d018ff6b6d91b1c7d8b42410c93e8b8ecfb2034cf79cb37155c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_standard_annanmode.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 22:03:09 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 305
x-cache: HIT
content-type: image/png
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 513
x-hurl: /m-um/menu_t.pngbyannanmode1view_mob

GET
H2 200 ico_toggle_arrow_down.png
img.echosting.cafe24.com/skin/mobile_ko_KR/member/ 1 KB
1 KB 45ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile_ko_KR/member/ico_toggle_arrow_down.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer_user.php?filename=tZI7DgMhEEP7JW3OMUWq3CBV7sDHWpAYBjFQcPugzRXY0i6eLcsUhUHwZiiakpu2FFtYAqgOl5M3sXMmDTABms5CLC5lvN7kVZcII4MY7NAoy5nKY_lP2oOdGqWStID2Sdqlza9sCcl2yujkrCZ_JXphlv3Yv7Ed60bvN7Stdk1rO7aD4Y8lcETkehu8tvUaf439Aw&type=css&k=3979f6dd0ff66f1b503e62ab3cdaf51c3feac7d9&t=1703653005&user=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b1651e1f0e9d7ca3d20126df0dce5b8cde6a4b3e864b0509e587575c5246cd10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Wed, 13 Aug 2014 01:12:45 GMT
server: AkamaiNetStorage
etag: "11fee21757a14ff47a230d670cca92d0:1562036685.921774"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1226

GET
H2 200 ico_btn_naver.png
img.echosting.cafe24.com/skin/mobile_ko_KR/member/ 1 KB
1 KB 45ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile_ko_KR/member/ico_btn_naver.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 876f24ae1a71149e0e9c92f1d45c4063a68018090ab23e2a070150d79b713fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Wed, 18 Nov 2015 05:56:28 GMT
server: AkamaiNetStorage
etag: "4d4fc3f0ff81761497ee2f07a78c53fa:1562036684.5534"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1315

GET
H2 200 ico_btn_kakao.png
img.echosting.cafe24.com/skin/mobile/member/ 1 KB
1 KB 45ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile/member/ico_btn_kakao.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 06a4908b7e76204a1a6179ae49399342304fd917dd27bd012c156c133b473b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Tue, 12 Jul 2016 06:39:37 GMT
server: AkamaiNetStorage
etag: "4bbb5ea77ca50201e88e4db865552684:1562036473.995905"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1162

GET
H2 200 ico_btn_apple.png
img.echosting.cafe24.com/skin/mobile/member/ 2 KB
2 KB 45ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/mobile/member/ico_btn_apple.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer_user.php?filename=tZI7DgMhEEP7JW3OMUWq3CBV7sDHWpAYBjFQcPugzRXY0i6eLcsUhUHwZiiakpu2FFtYAqgOl5M3sXMmDTABms5CLC5lvN7kVZcII4MY7NAoy5nKY_lP2oOdGqWStID2Sdqlza9sCcl2yujkrCZ_JXphlv3Yv7Ed60bvN7Stdk1rO7aD4Y8lcETkehu8tvUaf439Aw&type=css&k=3979f6dd0ff66f1b503e62ab3cdaf51c3feac7d9&t=1703653005&user=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cbda053f96c9f37e0b1ccdd76e1ce03e317819f601582d5bfa7531779c25119a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Thu, 18 Jun 2020 07:58:52 GMT
server: AkamaiNetStorage
etag: "9a990ed76518bedc26aa6df28ed62f55:1592514177.758173"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1801

GET
H2 200 login_id_join.gif
m.annanmode.com/SkinImg/img/ 2 KB
3 KB 925ms
924ms Image
image/gif 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/SkinImg/img/login_id_join.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_base.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 560dc76e053e80d8e6d17f8019031f0887bd6698457b9f518c61d1c2f2a07ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 31 Jan 2024 00:40:25 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:38 GMT
server: openresty
x-ttl: 7200.000
x-hits: 21
x-cache: HIT
content-type: image/gif
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2344
x-hurl: /SkinImg/img/login_id_join.gifbyannanmode1view_mob

GET
H2 200 login_id_check.gif
m.annanmode.com/SkinImg/img/ 2 KB
3 KB 925ms
924ms Image
image/gif 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/SkinImg/img/login_id_check.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_base.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: f60a91364c1a3d1882d5146550072519c5f9300f52dd7a11428946777fc870c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 31 Jan 2024 00:40:25 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:37 GMT
server: openresty
x-ttl: 7200.000
x-hits: 21
x-cache: HIT
content-type: image/gif
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 2498
x-hurl: /SkinImg/img/login_id_check.gifbyannanmode1view_mob

GET
H2 200 login_id_order.gif
m.annanmode.com/SkinImg/img/ 2 KB
2 KB 925ms
924ms Image
image/gif 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.annanmode.com/SkinImg/img/login_id_order.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/SkinImg/SMS_base.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 29b21592fff4ab119700e288a5a33da93b7b4adb8c6958305c1447f399df7142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/SkinImg/SMS_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 31 Jan 2024 00:40:25 GMT
date: Wed, 24 Jan 2024 01:47:45 GMT
last-modified: Mon, 06 Sep 2021 07:56:37 GMT
server: openresty
x-ttl: 7200.000
x-hits: 20
x-cache: HIT
content-type: image/gif
cache-control: max-age=604800
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
content-length: 1945
x-hurl: /SkinImg/img/login_id_order.gifbyannanmode1view_mob

POST
H2 204 b
wcs.naver.com/ 0
629 B 1277ms
255ms Ping
text/plain 210.89.167.46
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H2 200 0ad36ce541b2c75f697ca391f0a6e847.js Show response
m.annanmode.com/web/upload/appfiles/ZaReJam3QiELznoZeGGkMG/ 37 KB
14 KB 1188ms
1188ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.annanmode.com/web/upload/appfiles/ZaReJam3QiELznoZeGGkMG/0ad36ce541b2c75f697ca391f0a6e847.js?v=0.28851291463409745
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: openresty /
Resource Hash: 66fe7afc64972ab068f177ad9791d87d03f4c008e2f10bf6cc1bf54a7875ecd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:45 GMT
content-encoding: gzip
last-modified: Thu, 18 Jan 2024 08:05:34 GMT
server: openresty
x-ttl: 7200.000
vary: Accept-Encoding
x-cache: MISS
content-type: application/x-javascript
x-hits: 0
x-iscacheurl: YES
x-anigif: webp
accept-ranges: bytes
x-hurl: /web/upload/appfiles/ZaReJam3QiELznoZeGGkMG/0ad36ce541b2c75f697ca391f0a6e847.js?v=0.28851291463409745byannanmode

GET
H2 200 loginSns.html Show response
m.annanmode.com/protected/ Frame A2AE 157 KB
40 KB 436ms
435ms Document
text/html 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/protected/loginSns.html?__popupPage=T

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

caf5d0e6f2303e4e6f84b8b5c0454f96f03fb5515e79956563c8cd36651f35fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 01:47:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 24 Jan 2024 01:47:46 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: openresty
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-anigif: webp
x-cache: MISS
x-cache-valid: YES
x-content-type-options: nosniff
x-hits: 0
x-hrpcs-signal: 1
x-hrpcs-ttl: 300s
x-hurl: /protected/loginSns.html?__popupPage=Tbyannanmode1view_mobDEwebpagent_pc
x-iscacheurl: YES
x-ttl: 300.000
x-xss-protection: 1;mode=block

GET
H/1.1 200
OK byapps_MA_sdk.3.x.php Show response
malog.byapps.co.kr/js/ 7 KB
8 KB 487ms
250ms Script
text/html 115.68.78.52
SMILESERV-AS-KR S...

General

Check archive.org

Show headers Download Go to

Full URL: https://malog.byapps.co.kr/js/byapps_MA_sdk.3.x.php?mid=annanmode
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 115.68.78.52 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
Software: nginx/1.25.3 / PHP/7.4.33
Resource Hash: 37a905a49e746668a0eadab1a32cbb454c9daf03637f14638e596c8c601cd7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
server: nginx/1.25.3
x-powered-by: PHP/7.4.33
transfer-encoding: chunked
access-control-max-age: 3628800
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

POST
H2 204 b
wcs.naver.com/ 0
629 B 258ms
257ms Ping
text/plain 210.89.167.46
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7177
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jan 2024 01:48:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-371015573

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37bca63e9aae5856a9634aa38705292017a3c1cc22be1bfc966edea1c873ba7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75774
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:11:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 01:47:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-371015573&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109755209-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85b5f7fbd80b0b8d395aca3cf634a3041fc5a74ed2d6289e9e520edbd8430bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75868
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:11:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 01:47:46 GMT

GET
H2 204 bc
bc.ad.daum.net/ 0
0 1126ms
284ms Fetch 211.249.221.187
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to

Full URL

https://bc.ad.daum.net/bc?d=%7B%22track_id%22%3A%224808791413317124271%22%2C%22event_code%22%3A%22PageView%22%2C%22params%22%3A%7B%7D%2C%22props%22%3A%7B%22lmt%22%3A%22N%22%2C%22service_origin%22%3A%2220001%22%7D%2C%22site%22%3A%7B%22identifier%22%3A%22m.annanmode.com%22%7D%2C%22sdk%22%3A%7B%22type%22%3A%22WEB%22%2C%22version%22%3A%221.2.2%22%7D%2C%22page%22%3A%7B%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22is_frame_env%22%3Afalse%7D%2C%22device%22%3A%7B%22dnt%22%3A%22N%22%2C%22device_type%22%3A%22pc%22%2C%22is_mobile%22%3A%22N%22%7D%7D

Requested by

Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/kp.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

211.249.221.187 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://m.annanmode.com
x-kakao-aid
access-control-expose-headers: x-kakao-aid
access-control-allow-credentials: true
access-control-allow-headers: x-kakao-aid

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 185ms
115ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJRB5UBC77UDO397EH6G&lib=ttq
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f88a788ef48babac28441c2e088116891bcb4bea1bbc0fb58f91bbd93b0d643c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: d566d58.1a5757d1
date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240124014746DEF05C70785073C0C601-0D20454593B06714-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 88,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=4, inner; dur=2
content-length: 1770
pragma: no-cache
server: nginx
x-tt-logid: 20240124014746DEF05C70785073C0C601
x-cache-remote: TCP_MISS from a23-220-105-198.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.220.105.198
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc7311861a58e0ee7f0aeb33c18f08f621c4df05617e2f88e102aebb586fabd0c134fb16038e06ed6bbd929f2d12a6cfa75b3c38573c1ec98c19ae29083c0b21900850969d34439de535b6d846dd11a44fcd89d680206bcc1ec381f6de13075e80135
expires: Wed, 24 Jan 2024 01:47:46 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DC4F 14 KB
6 KB 118ms
41ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=m.annanmode.com&origin=onetag

Requested by

Host: static.criteo.com
URL: https://static.criteo.com/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.annanmode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 01:47:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 334098
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 LoginSaveid Show response
m.annanmode.com/shop1/api/member/ 57 B
747 B 342ms
341ms XHR
text/html 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/shop1/api/member/LoginSaveid

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P9NrvUNMWRV8Tp2mDOFgjl-7ziBpJjCgOy4sd7dd3JHvb9SaWJdEBCgO2LPEcjoZnLmRaUYPpxU82LSw0uCFbpxYdBSswfXGpvPhNJy_uh3RoXJAGRJ2-_B3Qtrufn5Nfkx8nIvHVo9Wg3O5GIohqibEswapZr5CgSAo9G6pJkC6UFH4WxUXyC39mTc5PPdnv_GYslYzfW90cPHrJAxoepX2K4r6_-Cx99fTlGjwkjdQTeJTMGIVPfH0c5YyV2hcj6EmEzqwbss2CtLekFNrjuJUK7tKYKyvzcoQ9wUt1fFRhqffUmSPFCNJnnsyZkhrPMtB6jF1bCkFNQ3rs6FfQHI2apW0s-vGz9DiPjVG8Lu-DwJj0njKpMH34Br-1b8ArB3AN5YFvuY000yYsghadQ7txeeCwaQ6KeCzDgBEs1fR5Gz3fUij40iqCfBKoCR66eT9lDu360OIcABtSbSHVaOnlWEBQvnOBa8D6q3dUNz1JZqXsQf-PlJ1zAtGOPepimRCc1GUsS4Me8i4dHlTjY0Vmb1lv-sW6gxoorbvvlXxFNZSLBmgWfSw-D4biAeg1ZqGcjHIIVlSTdOyhKNq39eKos40KpeQktQYl2cdkvzr93xsJX4CLpu1WVefuLT0zGJYaftwMFSqDH_4eFehcTU4FEybg1CZ5jT-Mn9OgP5mbFAng-lDT8cT6nwVT4-QBC7SoBS6C7X7blZXi9B3rXt3DJkO7Zwu4Vou06R9cdtePsMbbfBLHFr2k8lDDdxx3h2hmYP_qVbUt5zPgj98XiVGoB_TB6mc7ouxeBl89Pi4HJgEN5X4nssFMUTkpf35VUOpYaufmrY4m4cXu33nBTTP4WEtORTOux658o7jfl16iOz56YVvj6Q7bSSu0jZn-ezZuK6XZ8E82Ryu0n01wBa5GH88wILbRHKtdyz2XZUGBi3DMu9xz_oBy_ntcoyEn58__WbpqKV0cgaAQ4QKLAiPgDz28xparVR7J8kQe1CLqbfr4mC9L1FjI2NBYQhthwx8W8vmC5MJDnHSl6Gm4A9nMjw3eMcoVmWDmB2hwbA5aDvS1jFmY-3Ypa9zliziF7FFFxd5SrlFJXZOOk-ufsjt7a08g_B3TE2Qn4bn12ER5qCe75o2wVLe6oPk6UiAbyBRGWGTAV5YUno_o3I8t_MHDngNgM6PQbRuFc3Wku34LdJuEdzFqKNp-3-0e9k_C-t0JP3bCSuMnoruDhvSy2_UYFP2hYwFDDcK7JHuZzJjFyONOS8HjjXzlkf8A&type=js&k=d7c18f09cfe7ce87fccdc53387d7966142541d75&t=1702944417

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

42d84513bec1befce1a70b5db5000195e910d2806bae16e6152b5f01e6cd2914

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
x-hits: 0
x-cache: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-iscacheurl: NO
content-length: 57
x-hrpcs-signal: 2
x-xss-protection: 1;mode=block
x-hurl: /shop1/api/member/LoginSaveidbyannanmode1view_mobDEwebpagent_pc
pragma: no-cache
last-modified: Wed, 24 Jan 2024 01:47:46 GMT
server: openresty
content-type: text/html; charset=utf-8
x-cache-valid: YES
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-anigif: webp
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 uid Show response
api.recopick.com/1/ 82 B
401 B 805ms
265ms Script
text/javascript 52.192.70.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.recopick.com/1/uid?callback=rkpjson1

Requested by

Host: static.recopick.com
URL: https://static.recopick.com/dist/production.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.192.70.152 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-192-70-152.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9bac2f8ceda4f46b11e9c5093556f52dd811345aa268ee3ee9b833ccc91fd15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
x-content-type-options: nosniff
server: nginx
x-permitted-cross-domain-policies: none
etag: W/"52-KNcBj0J58W9oNdpfyIDZihv8FUQ"
expect-ct: max-age=0
p3p: CP=CAO PSA OUR
content-type: text/javascript; charset=utf-8
content-length: 82
x-xss-protection: 0

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 24 Jan 2024 02:47:46 GMT

GET
H2 200 / Show response
m.annanmode.com/exec/front/eclog/main/ Frame 8F47 3 B
1 KB 382ms
382ms Document
text/html 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/exec/front/eclog/main/?noMemberOrder&returnUrl=https://halva-4you.ru/&rloc=https%3A//m.annanmode.com/member/login.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A//halva-4you.ru/&rref=&udim=1600*1200&rserv=elg-db-svcm-159.cafe24.com&cid=CIDd30142e73d401645bfec1d7b334192cb&role_path=MEMBER_LOGIN&stype=e&shop_no=1&lang=ko_KR&ver=2&mob_flag=T

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

a80fcadcc85409d006fd531207093285316ef81c4ee7586eac3be5c8f05647c1

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 3
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 01:47:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 24 Jan 2024 01:47:46 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma: no-cache
server: openresty
x-anigif: webp
x-cache: MISS
x-cache-valid: YES
x-hits: 0
x-hrpcs-signal: 2
x-hurl: /exec/front/eclog/main/?noMemberOrder&returnUrl=https://halva-4you.ru/&rloc=https%3A//m.annanmode.com/member/login.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A//halva-4you.ru/&rref=&udim=1600*1200&rserv=elg-db-svcm-159.cafe24.com&cid=CIDd30142e73d401645bfec1d7b334192cb&role_path=MEMBER_LOGIN&stype=e&shop_no=1&lang=ko_KR&ver=2&mob_flag=Tbyannanmode1view_mobDEwebpagent_pc
x-iscacheurl: NO
x-xss-protection: 1;mode=block

GET
H2 200 cfa.js Show response
cfa-js.cafe24.com/ 11 KB
5 KB 1016ms
312ms Script
application/javascript 203.245.1.130
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa-js.cafe24.com/cfa.js?v=1706060866518

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.245.1.130 Siheung-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

d2bc5770383a23f675a336b966decd92c477d40ac921864e2582197fe015e57e

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 23:52:12 GMT
server: openresty
x-reqid: b61e5b52b8822d566fb2df4948e44a8d
etag: W/"65a8682c-2b71"
vary: Accept-Encoding
x-via: magneto-edge-krknb02-005
content-type: application/javascript
x-xss-protection: 1;mode=block

GET
H2 200 async Show response
m.annanmode.com/exec/front/manage/ 134 B
1 KB 554ms
554ms XHR
application/json 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/exec/front/manage/async?module=Basketcnt,Basketprice,BasketProduct,Wishcount,AppCommon&path_role=MEMBER_LOGIN&EC_MOBILE=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

6063432be46ca55f0d84f131a07d66d3650d5eefd62db3d3b64378ffb6230b12

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
x-hits: 0
x-cache: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-iscacheurl: NO
content-length: 134
x-hrpcs-signal: 2
x-xss-protection: 1;mode=block
x-hurl: /exec/front/manage/async?module=Basketcnt,Basketprice,BasketProduct,Wishcount,AppCommon&path_role=MEMBER_LOGIN&EC_MOBILE=truebyannanmode1view_mobDEwebpagent_pc
pragma: no-cache
last-modified: Wed, 24 Jan 2024 01:47:46 GMT
server: openresty
content-type: application/json; charset=utf-8
x-cache-valid: YES
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-anigif: webp
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/371015573/ 3 KB
2 KB 90ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/371015573/?random=1706060866541&cv=11&fst=1706060866541&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876214015&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&hn=www.googleadservices.com&frm=0&tiba=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&pscdl=noapi&auid=1677983411.1706060867&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-371015573

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d8c51c2c3a3e491d06b467411cf947bb0c861d5277a3843e64178873ec2bda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
30ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1419494407&t=pageview&_s=1&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&ul=en-us&de=UTF-8&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIJAAAAACAMI~&jid=1069300963&gjid=980195615&cid=1367821912.1706060864&tid=UA-131130805-1&_gid=96583092.1706060865&_r=1&_slc=1&z=1139749425

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 91ms
30ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-131130805-1&cid=1367821912.1706060864&jid=1069300963&gjid=980195615&_gid=96583092.1706060865&_u=aCDAAUIJAAAAACAMI~&z=876924259

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DC4F
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=annanmode.com&sn=ChromeSyncframe&so=0&topUrl=m.annanmode.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=gTYnJHxTVDRGWWpMUkZlY3llSEQ4SGVyNThrWURpWWt2b1BhVDU0aTRvdEU4cjZkcjdEaW52aG5UK2NxQk5EdHhmRnNMN2VLdHNIbTRwdlhmRWpNWTFUa2pIMnA4WUNRR3NVOFJpWWl3dVdBTXRTc1ZIcDYvc0w4VHJsbT...

433 B
652 B

41ms
41ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gTYnJHxTVDRGWWpMUkZlY3llSEQ4SGVyNThrWURpWWt2b1BhVDU0aTRvdEU4cjZkcjdEaW52aG5UK2NxQk5EdHhmRnNMN2VLdHNIbTRwdlhmRWpNWTFUa2pIMnA4WUNRR3NVOFJpWWl3dVdBTXRTc1ZIcDYvc0w4VHJsbTNCaVYvZVdzYTljSVhvWFB3SGtWbFJmRDBPZEpSOEJKTGNkQnBGNHoyNWZycXFRWmtjWDRvc2phdkQ0WkhiRVl2MUFQRUxCOUF4U2dPQ0NvNDQyS0Mxait2SjFHZkpjeGhoR3Y2VXBXbnZCSWpSVkt3Ym1zbWRReDU4SkJ1MW9ZOTFvVGFnRzRmcFVEM0FIeEVjVWlIVU5xZTBoR2s3d3JLanBFNWgzbDY5aXBqanA1MjdwVT18&cppv=2

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aedd0ce5ba0835ee181fb4dc050c525056f08bf0868c4c4229a388c7d520d1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1401854
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gTYnJHxTVDRGWWpMUkZlY3llSEQ4SGVyNThrWURpWWt2b1BhVDU0aTRvdEU4cjZkcjdEaW52aG5UK2NxQk5EdHhmRnNMN2VLdHNIbTRwdlhmRWpNWTFUa2pIMnA4WUNRR3NVOFJpWWl3dVdBTXRTc1ZIcDYvc0w4VHJsbTNCaVYvZVdzYTljSVhvWFB3SGtWbFJmRDBPZEpSOEJKTGNkQnBGNHoyNWZycXFRWmtjWDRvc2phdkQ0WkhiRVl2MUFQRUxCOUF4U2dPQ0NvNDQyS0Mxait2SjFHZkpjeGhoR3Y2VXBXbnZCSWpSVkt3Ym1zbWRReDU4SkJ1MW9ZOTFvVGFnRzRmcFVEM0FIeEVjVWlIVU5xZTBoR2s3d3JLanBFNWgzbDY5aXBqanA1MjdwVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 307625
content-length: 0
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/371015573/ 42 B
455 B 109ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/371015573/?random=1706060866541&cv=11&fst=1706058000000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876214015&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&frm=0&tiba=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_22K73HO8Ds1OygL8Osznlph61OM5Ug&random=1782866739&rmt_tld=0&ipr=y

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/371015573/ 42 B
455 B 105ms
29ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/371015573/?random=1706060866541&cv=11&fst=1706058000000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v876214015&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&frm=0&tiba=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_22K73HO8Ds1OygL8Osznlph61OM5Ug&random=1782866739&rmt_tld=1&ipr=y

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWI0MWYzMDk5MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 398 KB
104 KB 29ms
28ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJRB5UBC77UDO397EH6G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0d8f1e9f5418eb1ed8419bd7ed548bc711b06503620133d211dc124c551fbbb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1a5758f3
date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024012315154264BC45938B43369967FE
x-tt-trace-id: 00-24012315154264BC45938B43369967FE-2C7EDB55FEFFA63B-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01476898453b59740a5a1f5193190effb89cb38a341952fa1e1dff5e4bc3f2f7346bc8867bc97762da93545fd6bce50f508a580fd0c97a464c22ddc805a01f1b12739e981fff0c351004806f778dcdcdf9a236fc6bdf6ef71706579b134abb4c4e
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 105819

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 70ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-131130805-1&cid=1367821912.1706060864&jid=1069300963&_u=aCDAAUIJAAAAACAMI~&z=2004290546

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
30ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-131130805-1&cid=1367821912.1706060864&jid=1069300963&_u=aCDAAUIJAAAAACAMI~&z=2004290546

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQl...
https://widget.as.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQl...

10 KB
5 KB

914ms
305ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQld6TzhmMFpaOGJIWGNRWUxFYiUyRnhUemJPMnBScXV1N1daZkxMdFZHZjlvZjlsQ0szdlY0VWdJREJLbGR6V1pEck8zYUxjc2RLRkUxeHhvdkRpcEZndGtMU3ZLVFElMkJjbjNocGZnJTNEJTNE&tld=annanmode.com&fu=https%253A%252F%252Fm.annanmode.com%252Fmember%252Flogin.html%253FnoMemberOrder%2526amp%253BreturnUrl%253Dhttps%253A%252F%252Fhalva-4you.ru%252F&ceid=62dd68cd-5ec3-4492-af9d-efe0625eab2a&dtycbr=26287

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

1609d044b3046d3d846de7ae5c9991dc6d80466570c310307263066dec700f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 15513725
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.as.criteo.com/event?a=15023&v=5.20.0&p0=e%3Dexd%26site_type%3Dm&p1=e%3Dvpg&p2=e%3Ddis&adce=1&bundle=P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQld6TzhmMFpaOGJIWGNRWUxFYiUyRnhUemJPMnBScXV1N1daZkxMdFZHZjlvZjlsQ0szdlY0VWdJREJLbGR6V1pEck8zYUxjc2RLRkUxeHhvdkRpcEZndGtMU3ZLVFElMkJjbjNocGZnJTNEJTNE&tld=annanmode.com&fu=https%253A%252F%252Fm.annanmode.com%252Fmember%252Flogin.html%253FnoMemberOrder%2526amp%253BreturnUrl%253Dhttps%253A%252F%252Fhalva-4you.ru%252F&ceid=62dd68cd-5ec3-4492-af9d-efe0625eab2a&dtycbr=26287
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 25236965
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-180717160-1

Requested by

Host: malog.byapps.co.kr
URL: https://malog.byapps.co.kr/js/byapps_MA_sdk.3.x.php?mid=annanmode

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67eb93f26b86cb08c3238169f4c48f3c41e365d06dbf083a67adf99fb1376b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69393
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:11:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 01:47:46 GMT

GET
H2 200 identify_0a875.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 45ms
31ms Script
application/javascript 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1a5759e8
date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401231515446A5F9594963C1C97A7E4
x-tt-trace-id: 00-2401231515446A5F9594963C1C97A7E4-6E9507D48E434750-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01df44dae11d3c200464c328a8af956f9110aadf24e1a9456eced2c49e1ba927580babd73faf3270bc93758032b9846a20f242bbad2e131ad8eec0db9ab4d3f30f59739437f9df094ba4f22abfd68eaf2b40444fa623d2eddffc045239171bf331
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37074

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
960 B 227ms
127ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 26eff2a.80e0276
date: Wed, 24 Jan 2024 01:47:47 GMT
x-bytefaas-request-id: 20240124014746276A376996FA56BE1089
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240124014746276A376996FA56BE1089-754783CFE60EA8C9-00
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-parent-response-time: 94,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=8, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240124014746276A376996FA56BE1089
x-cache-remote: TCP_MISS from a23-32-17-50.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.06
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc73151bf7edd16fa5404b0b6bd5e9936fe9c6d211d3b511967b693a94725bd4596ab45747ac5ae9847c3ad3ed77544476c859b13acd64967892b7cbae0aca4aebe62d49df7640070fa72d5594c28b1b8f27bb618a030800fffa6a614f3e909643d7a
x-origin-response-time: 8,23.32.17.50
access-control-allow-headers: *
expires: Wed, 24 Jan 2024 01:47:47 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 355ms
354ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1a575a12
date: Wed, 24 Jan 2024 01:47:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24012401474660399BE1007B4BBE7513-46530A12D8DF6CE4-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=236, cdn-cache; desc=MISS, edge; dur=7, origin; dur=324
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024012401474660399BE1007B4BBE7513
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 324,104.126.37.143
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc7311861a58e0ee7f0aeb33c18f08f621c4d621363743b4fd4954f475fcfc58bb88b3cd60885b8b04af2b1e4c611bbac5c674c8cea997327ce027d0b10fb261770a9d13c0d4ea489f3f5664989c5a418518c
access-control-allow-headers: Authorization,*
expires: Wed, 24 Jan 2024 01:47:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-11TYN7YX3N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180717160-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6b8b3ec20c3541632993f81fcca537024da6dce706c462e993aaddeee3f5654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 01:47:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1419494407&t=pageview&_s=1&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&ul=en-us&de=UTF-8&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIJAAAAACAMI~&jid=967433603&gjid=251976315&cid=1367821912.1706060864&tid=UA-180717160-1&_gid=96583092.1706060865&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&jsscut=1&z=452071115

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-11TYN7YX3N&gtm=45je41h0v9125420666&_p=1706060864251&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1367821912.1706060864&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1706060866&sct=1&seg=0&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&en=page_view&_fv=1&_ss=1&tfd=5386
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-11TYN7YX3N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wcslog.js Show response
wcs.naver.net/ Frame A2AE 23 KB
8 KB 33ms
31ms Script
application/javascript 23.48.23.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://wcs.naver.net/wcslog.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.45 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-45.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jan 2024 07:29:59 GMT
Server: nginx
ETag: "65ae1977-5b74"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=860
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7637
Expires: Wed, 24 Jan 2024 02:02:06 GMT

GET
H3 200 froala_style_ec.min.css
img.echosting.cafe24.com/editors/froala/css/ Frame A2AE 14 KB
3 KB 31ms
30ms Stylesheet
text/css 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img.echosting.cafe24.com/editors/froala/css/froala_style_ec.min.css?vs=2401191277
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a1a5a6bf17e24ca8be6cda214c51464207e1131885d520c81739b11ed1f906c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
last-modified: Wed, 20 Jan 2021 10:57:33 GMT
server: AkamaiNetStorage
etag: "37e7195fb99da3061091a89c8e192e79:1611176559.793625"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2610
quic-version: 0x00000001

GET
H2 200 optimizer.php
m.annanmode.com/ind-script/ Frame A2AE 9 KB
3 KB 315ms
314ms Stylesheet
text/css 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

8dd5c5463a2ec67c817b73a156f67e735e3927fa649c282dc3b26341ff342325

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: gzip
x-hits: 1
x-cache: HIT
x-iscacheurl: YES
content-length: 2237
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer.php?filename=nc1LCoAwDIThfXHrOYLeqC3xAU2mpCno7RW8gHQ7zMdPB4RpWY2qYbcoZNzQLTPl1mgzqFOGCHR6h5n-_DmHhtL9hIaEaxB299FoiTfbGPWYCg9S1FBO5ZCi6td_AA&type=css&k=37c9481ac0212340e132f81eba4d1049fee7f18e&t=1681776733byannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Tue, 18 Apr 2023 00:12:13 GMT
server: openresty
x-ttl: 300.000
etag: "a8c0b7521c11ee4e2444deba3b32a3b30fcb53b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:43 GMT

GET
H/1.1 200
OK AuthSSLManager.js Show response
login2.cafe24ssl.com/crypt/ Frame A2AE 5 KB
5 KB 304ms
303ms Script
application/javascript 61.74.67.204
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://login2.cafe24ssl.com/crypt/AuthSSLManager.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.74.67.204 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: nginx /
Resource Hash: 399f942cc739d9681501935cff722744e61477165db86bfff5fdd7a4b198b777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:46 GMT
Last-Modified: Wed, 07 Sep 2011 01:11:00 GMT
Server: nginx
ETag: "5400e5-12f3-4ac4f9dff7100"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4851

GET
H/1.1 200
OK AuthSSLManager.plugin.js Show response
login2.cafe24ssl.com/crypt/ Frame A2AE 2 KB
2 KB 301ms
300ms Script
application/javascript 61.74.67.204
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL: https://login2.cafe24ssl.com/crypt/AuthSSLManager.plugin.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.74.67.204 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software: nginx /
Resource Hash: 932f8c25f1bb080962df4e0c2c9f26a80b09d8d7930293d58e8ac28cc59c21c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:46 GMT
Last-Modified: Wed, 07 Sep 2011 01:11:42 GMT
Server: nginx
ETag: "4407a-78a-4ac4fa0804f80"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1930

GET
H3 200 ico_required.gif
img.echosting.cafe24.com/skin/base/common/ Frame A2AE 1 KB
1 KB 51ms
50ms Image
image/gif 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/base/common/ico_required.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 944435aa27eddf61bdbd939b3cdaffec229d728ce99128d586cea90e002b99dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
last-modified: Tue, 30 Jun 2020 03:02:20 GMT
server: AkamaiNetStorage
etag: "614f2771d8e43982ab0f89cfc2a5df6c:1593489708.974467"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1164
quic-version: 0x00000001

GET
H3 200 btn_icon_ipin.gif
img.echosting.cafe24.com/skin/base/common/ Frame A2AE 1 KB
1 KB 48ms
47ms Image
image/gif 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/base/common/btn_icon_ipin.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0e4fbf917b025232a8b114481aa23c2e82aefc9a55ded5e7256c3d948775eb5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
last-modified: Tue, 30 Jun 2020 03:02:20 GMT
server: AkamaiNetStorage
etag: "ecfff8d3eed430f6db9974ce67067e5e:1593489704.022617"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1372
quic-version: 0x00000001

GET
H3 200 btn_icon_mobile.gif
img.echosting.cafe24.com/skin/base/common/ Frame A2AE 1 KB
1 KB 47ms
46ms Image
image/gif 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/base/common/btn_icon_mobile.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0fb29d27ee77f585487e0b61e22ed1e9422ff8840d9bb9b1b470cc796846a936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
last-modified: Tue, 30 Jun 2020 03:02:20 GMT
server: AkamaiNetStorage
etag: "b2827b63cdc9cc67c753f540dde608c2:1593489704.175373"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1108
quic-version: 0x00000001

GET
H3 200 btn_agree_join.gif
img.echosting.cafe24.com/skin/base_ko_KR/member/ Frame A2AE 1 KB
1 KB 49ms
48ms Image
image/gif 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/base_ko_KR/member/btn_agree_join.gif
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c8484124d7abea9eec7e57a8e06cfa9119ccd4bb6c0f728b0c5ff46baeb213d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
last-modified: Tue, 04 Oct 2016 02:23:40 GMT
server: AkamaiNetStorage
etag: "3ba4f78060cf42639726ec243f60fb39:1562035733.970038"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1416
quic-version: 0x00000001

GET
H3 200 btn_close.png
img.echosting.cafe24.com/skin/base/common/ Frame A2AE 202 B
222 B 45ms
44ms Image
image/png 72.247.153.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.echosting.cafe24.com/skin/base/common/btn_close.png
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 72.247.153.218 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-153-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 46b93f047733a93e1ce624058d49998efdb3d5d31f4f47db0700e689a7e7437a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
last-modified: Tue, 30 Jun 2020 03:02:20 GMT
server: AkamaiNetStorage
etag: "956296580c2329908488bc94f68a7d84:1671076984.536604"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 202
quic-version: 0x00000001

GET
H/1.1 200
OK byapps_MA_sdk.3.x.php Show response
malog.byapps.co.kr/js/ Frame A2AE 7 KB
8 KB 253ms
253ms Script
text/html 115.68.78.52
SMILESERV-AS-KR S...

General

Check archive.org

Show headers Download Go to

Full URL: https://malog.byapps.co.kr/js/byapps_MA_sdk.3.x.php?mid=annanmode
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 115.68.78.52 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR),
Reverse DNS
Software: nginx/1.25.3 / PHP/7.4.33
Resource Hash: 37a905a49e746668a0eadab1a32cbb454c9daf03637f14638e596c8c601cd7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
server: nginx/1.25.3
x-powered-by: PHP/7.4.33
transfer-encoding: chunked
access-control-max-age: 3628800
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, DELETE, OPTIONS, POST, PUT
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId

GET
H2 200 kakao.min.js Show response
t1.kakaocdn.net/kakao_js_sdk/v1/ Frame A2AE 111 KB
36 KB 29ms
27ms Script
application/javascript 2a02:26f0:3100::1735:2868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2868 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:46 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 06:58:54 GMT
server: openresty
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3422
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzA6MDpjaHR0cDoxMQ==
accept-ranges: bytes
content-length: 36802
expires: Wed, 24 Jan 2024 02:44:48 GMT

GET
H2 200 i18n.php Show response
m.annanmode.com/ind-script/ Frame A2AE 1 MB
259 KB 328ms
326ms Script
application/x-javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/i18n.php?lang=ko_KR&domain=front&v=2401191277

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

4c9c6eb47856d442f45cf046b66d2cc2c2e433ec90ffd1b423102439ee72f773

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 3600s
date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: gzip
x-hits: 1
x-cache: HIT
x-iscacheurl: YES
content-length: 264342
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/i18n.php?lang=ko_KR&domain=front&v=2401191277byannanmode1view_mobDEwebpagent_pc
pragma: cache
server: openresty
x-ttl: 3600.000
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
x-anigif: webp
accept-ranges: bytes
expires: Wed, 31 Jan 2024 01:47:44 GMT

GET
H2 200 optimizer.php Show response
m.annanmode.com/ind-script/ Frame A2AE 1 MB
279 KB 945ms
943ms Script
text/javascript 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/ind-script/optimizer.php?filename=vVjbcts2EH239drvYN12On2VZbt1Kjcey05m-gaBS3EtAIviIpv5-i5JJY0SixfQ7miGgkScg8Xi7GKBrCQN2dlPLiuc0PBEbps58BSdhOzRZ3j2m5k9-h-yrn4RrZDb7PGfCK7af_08-3X240gkPAdwRii__2MmibYIU1miU0lTmIGcFSYZakiSKRTKkERxNvuFP0mD89tA7hu_WUcbxh-sbi4CBOQOmnuZkIG8aRofMZT3ny5EEDONZgSPwjWj4J7b_ShvHZpQDKAnGWuzrsjpBZngSClw_bhbFf3c2nOH-WaAPTGg6u9VOGo8deJJMYLMSSB7otDAyVoYM8SulkKS1mSG9n4WhqPRsLStgzB8lAYXQFvF6_IySFib3dAaFWR3X-Fb-zq8cgSnKY_8l39CO27AIhpZO7Tul0cOG31UxEMZOoxgqWYPbfR8TaHEp0qRyEeBdAyiHvf92oPbHVucI2BLqipQDZZeDoWIKtQu8Fq4cP6C6v6PJGlV3KBpg78WyZfGsEhrhbUTChlHLgn0zo6BffgMuxKSn1USti__NMoEvQZ3sMjCV0Zmunkxr9srsYPrfBRHi35HaBYlyO3tUwJ60ZF0eodNhF2g5-xTzWMop8z3UovOTHR0yjUYzaYmujYFpVJcep_igSVtkjzXprdEp92BUH8JDQnQD-CwqNrRE-Ar45PsDdGZh-Qc9CUjfE5n_-UVbgg_mbbOlyb339MzgyXj4e1GKEFZePN5lMLkavQ2MmKAXaOrt-PnLTS8mpsUScG1xZb694gRO1gdzKvVMiE-5hsHUJfAS1F17Tx_o5WUf1MUoclHliSL6BwYWWW-JHvKZbqECXi5_3VacP0uwlRLXotmWKlSBq3Y7xgQfH_vhatsoD-h6lhjYcQGXigOmmcyrtVJMvy9Y41IE5IJzoXfQpjO0CG2wRy3--o_lWVBkXP6lLnc8OYpNunzuABLHtPH_4i-XKKfRiApTnCBAwkT4HcNfAsVJ-58Iss9BaEWk2bTxEe6LMFAgVNDoyf393D87kSeLkjeuoiTLsqGZlXSU3ps8OEVb8lGmx6g0bM54DjQdzhlYW6qJW5hny-mKeSAalLsLXEHCs2285w2QK5_YH0NWL2C8PdM92L9KjzXAfQkDzVkFxD4QNhzouvRkRKoxVrBBIusCKUjBac9heCQhT9673QEbBM2urZQOFU9x9Lvgf5pxkVx58XH5f5W6bD-bG6t-LWXDm0YiX6or2Dm_HZlQTb3n4XoKhBeJDnIZNYuBt68OooBrvCZe_4L&type=js&k=71785823c596bd859110fd59ea99c5dacb5e92a6&t=1702944417

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

7140bc01a5ee31f0c7243fb81ab0fe56bedf71cd8e59d254de8b56205d13fb5b

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-hrpcs-ttl: 300s
date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: gzip
x-hits: 0
x-cache: MISS
x-iscacheurl: YES
content-length: 284101
x-hrpcs-signal: 1
x-xss-protection: 1;mode=block
x-hurl: /ind-script/optimizer.php?filename=vVjbcts2EH239drvYN12On2VZbt1Kjcey05m-gaBS3EtAIviIpv5-i5JJY0SixfQ7miGgkScg8Xi7GKBrCQN2dlPLiuc0PBEbps58BSdhOzRZ3j2m5k9-h-yrn4RrZDb7PGfCK7af_08-3X240gkPAdwRii__2MmibYIU1miU0lTmIGcFSYZakiSKRTKkERxNvuFP0mD89tA7hu_WUcbxh-sbi4CBOQOmnuZkIG8aRofMZT3ny5EEDONZgSPwjWj4J7b_ShvHZpQDKAnGWuzrsjpBZngSClw_bhbFf3c2nOH-WaAPTGg6u9VOGo8deJJMYLMSSB7otDAyVoYM8SulkKS1mSG9n4WhqPRsLStgzB8lAYXQFvF6_IySFib3dAaFWR3X-Fb-zq8cgSnKY_8l39CO27AIhpZO7Tul0cOG31UxEMZOoxgqWYPbfR8TaHEp0qRyEeBdAyiHvf92oPbHVucI2BLqipQDZZeDoWIKtQu8Fq4cP6C6v6PJGlV3KBpg78WyZfGsEhrhbUTChlHLgn0zo6BffgMuxKSn1USti__NMoEvQZ3sMjCV0Zmunkxr9srsYPrfBRHi35HaBYlyO3tUwJ60ZF0eodNhF2g5-xTzWMop8z3UovOTHR0yjUYzaYmujYFpVJcep_igSVtkjzXprdEp92BUH8JDQnQD-CwqNrRE-Ar45PsDdGZh-Qc9CUjfE5n_-UVbgg_mbbOlyb339MzgyXj4e1GKEFZePN5lMLkavQ2MmKAXaOrt-PnLTS8mpsUScG1xZb694gRO1gdzKvVMiE-5hsHUJfAS1F17Tx_o5WUf1MUoclHliSL6BwYWWW-JHvKZbqECXi5_3VacP0uwlRLXotmWKlSBq3Y7xgQfH_vhatsoD-h6lhjYcQGXigOmmcyrtVJMvy9Y41IE5IJzoXfQpjO0CG2wRy3--o_lWVBkXP6lLnc8OYpNunzuABLHtPH_4i-XKKfRiApTnCBAwkT4HcNfAsVJ-58Iss9BaEWk2bTxEe6LMFAgVNDoyf393D87kSeLkjeuoiTLsqGZlXSU3ps8OEVb8lGmx6g0bM54DjQdzhlYW6qJW5hny-mKeSAalLsLXEHCs2285w2QK5_YH0NWL2C8PdM92L9KjzXAfQkDzVkFxD4QNhzouvRkRKoxVrBBIusCKUjBac9heCQhT9673QEbBM2urZQOFU9x9Lvgf5pxkVx58XH5f5W6bD-bG6t-LWXDm0YiX6or2Dm_HZlQTb3n4XoKhBeJDnIZNYuBt68OooBrvCZe_4L&type=js&k=71785823c596bd859110fd59ea99c5dacb5e92a6&t=1702944417byannanmode1view_mobDEwebpagent_pc
pragma: cache
last-modified: Tue, 19 Dec 2023 00:06:57 GMT
server: openresty
x-ttl: 300.000
etag: "2d21b9b1ce0a4993e1e6288dc7e40147b881cefe"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=2592000
x-anigif: webp
accept-ranges: bytes
expires: Fri, 23 Feb 2024 01:47:47 GMT

GET
H2 200 jet.js Show response
optimizer.poxo.com/jet/ Frame A2AE 91 KB
92 KB 23ms
23ms Script
application/javascript 2600:9000:236e:b400:f:9b8:8140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimizer.poxo.com/jet/jet.js
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:b400:f:9b8:8140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bb002acec34fd0a15f9b2d7e608fd93e57bf419633a565e080813e597fe284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 06:24:44 GMT
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 69783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 93452
x-amz-meta-server-side-encryption: AES256
last-modified: Tue, 10 Oct 2023 11:38:16 GMT
server: AmazonS3
etag: "c9cb019c0e6d01652ed0e6d3b8ce5217"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
accept-ranges: bytes
x-amz-cf-id: 6PxJJx9qf3A48_ahByMjNkrTNLVvA1e8CTs7i_-sHOwhUDRHgG_8Qg==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
847 B 143ms
143ms Ping
text/plain 104.126.37.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI0MWYzMDk5MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-147.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 98522747.1a575ba8
date: Wed, 24 Jan 2024 01:47:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240124014747697ED3CB1D115A939241-3EA853F5F07DBF94-00
x-cache: TCP_MISS from a104-126-37-143.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 109,104.126.37.143
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=27, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240124014747697ED3CB1D115A939241
x-cache-remote: TCP_MISS from a23-220-105-205.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.220.105.205
x-tt-trace-host: 01176b51d7392c1fa000bd81347ecbc7311861a58e0ee7f0aeb33c18f08f621c4d84e1e7812e6785de0ee2fe2c81bdc23e0bb6a88436aac7af3fa379e5fdc2e2020f2afcd80b376ee4fe2d6f2b4c0a5adb13378ad8481d00517c93792820ff76bab080f32db1ba06afba27c0fa78b52acd
access-control-allow-headers: Authorization,*
expires: Wed, 24 Jan 2024 01:47:47 GMT

GET
H2 200 async Show response
m.annanmode.com/exec/front/manage/ 22 B
640 B 1113ms
1112ms XHR
application/json 210.114.0.217
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.annanmode.com/exec/front/manage/async?module=BasketProduct

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.114.0.217 Hanam, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

09d6750e3904c7220f0714cd026541a6727a42c3fed2e275769cfa88de8abf5a

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

Accept: */*
Referer: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
x-hits: 0
x-cache: MISS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-iscacheurl: NO
content-length: 22
x-hrpcs-signal: 2
x-xss-protection: 1;mode=block
x-hurl: /exec/front/manage/async?module=BasketProductbyannanmode1view_mobDEwebpagent_pc
pragma: no-cache
last-modified: Wed, 24 Jan 2024 01:47:47 GMT
server: openresty
content-type: application/json; charset=utf-8
x-cache-valid: YES
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-anigif: webp
accept-ranges: bytes
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 b
wcs.naver.com/ Frame A2AE 0
629 B 255ms
254ms Ping
text/plain 210.89.167.46
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL

https://wcs.naver.com/b

Requested by

Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

210.89.167.46 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),

Reverse DNS

Software

wcs /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.annanmode.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:47 GMT
x-content-type-options: nosniff
server: wcs
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p: CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A2AE 188 KB
68 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-180717160-1

Requested by

Host: malog.byapps.co.kr
URL: https://malog.byapps.co.kr/js/byapps_MA_sdk.3.x.php?mid=annanmode

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

175ee81a2078d252e11bbbc74225f695530327c32931c78ec6c0bea01b2769a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69395
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 00:11:31 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 01:47:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A2AE 226 KB
80 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-11TYN7YX3N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180717160-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6b8b3ec20c3541632993f81fcca537024da6dce706c462e993aaddeee3f5654

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 01:47:47 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame A2AE 52 KB
21 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180717160-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 23 Jan 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 24 Jan 2024 01:48:09 GMT

GET
H2 200 60690021.1706060867188 Show response
lc.recopick.com/v1/logs/visit/m.annanmode.com/ 85 B
436 B 806ms
259ms Script
text/javascript 54.248.102.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://lc.recopick.com/v1/logs/visit/m.annanmode.com/60690021.1706060867188?site=m.annanmode.com&url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&ref=&uid=60690021.1706060867188&guid=60690021.1706060867188&action=visit&z=74691&callback=rkpjson2

Requested by

Host: static.recopick.com
URL: https://static.recopick.com/dist/production.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.248.102.124 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-248-102-124.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

06c161d8fed0f9619296d18e38834961179e25c2f8ce2356972be701a0cc680a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
x-content-type-options: nosniff
server: nginx
x-permitted-cross-domain-policies: none
etag: W/"55-HKFbLlZMzh5e2epHNVdfsZxsdfM"
expect-ct: max-age=0
access-control-max-age: 10000
access-control-allow-methods: GET, POST, PUT, DELETE
p3p: CP=CAO PSA OUR
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 85
x-xss-protection: 0

GET
H2

200

idm
api.recopick.com/v1/
Redirect Chain

https://idm.skplanet.com/pixel?nid=2&uid=60690021.1706060867188&url=https%3A%2F%2Fapi.recopick.com%2Fv1%2Fidm%3Frecopick_uid%3D60690021.1706060867188%26dmp_uid%3D%25%25SKPDMP_UID%25%25%26dmp_err%3D...
https://idm.skplanet.com/pixelb?new_dmp_uid=Y&nid=2&uid=60690021.1706060867188&url=https%3A%2F%2Fapi.recopick.com%2Fv1%2Fidm%3Frecopick_uid%3D60690021.1706060867188%26dmp_uid%3D%25%25SKPDMP_UID%25%...
https://api.recopick.com/v1/idm?recopick_uid=60690021.1706060867188&dmp_uid=(DMPC)b4a86f57-fe12-4a30-945d-c3fdf34b08c0&dmp_err=&nocache=1706060867329

2 B
354 B

265ms
265ms

Image
text/html

52.192.70.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.recopick.com/v1/idm?recopick_uid=60690021.1706060867188&dmp_uid=(DMPC)b4a86f57-fe12-4a30-945d-c3fdf34b08c0&dmp_err=&nocache=1706060867329

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Server

52.192.70.152 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-192-70-152.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
server: nginx
x-permitted-cross-domain-policies: none
etag: W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
expect-ct: max-age=0
p3p: CP=CAO PSA OUR
content-type: text/html; charset=utf-8
content-length: 2
x-xss-protection: 0

Redirect headers

Location: https://api.recopick.com/v1/idm?recopick_uid=60690021.1706060867188&dmp_uid=(DMPC)b4a86f57-fe12-4a30-945d-c3fdf34b08c0&dmp_err=&nocache=1706060867329
Date: Wed, 24 Jan 2024 01:47:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H3 200 collect
www.google-analytics.com/ Frame A2AE 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1619857467&t=pageview&_s=1&dl=https%3A%2F%2Fm.annanmode.com%2Fprotected%2FloginSns.html%3F__popupPage%3DT&ul=en-us&de=UTF-8&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1367821912.1706060864&tid=UA-180717160-1&_gid=96583092.1706060865&gtm=457e41h0h1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&jsscut=1&z=934917721

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/protected/loginSns.html?__popupPage=T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:10:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16662
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cfa.html Show response
cfa-js.cafe24.com/ 0
263 B 310ms
310ms Script
text/html 203.245.1.130
KIXS-AS-KR Korea ...

General

Check archive.org

Show headers Download Go to

Full URL

https://cfa-js.cafe24.com/cfa.html?uid=byannanmode&sno=1&stype=e&type=conn&CUK45=CFAE_CUK45.byannanmode_1.N3EZ4RY.1706060867537&CID=CFAE_CID.byannanmode_1.N3EZ4RY.1706060867537&LC=&oLC1=null&oLC2=CFAE_LC.byannanmode_1.9999999.1706060867537&CUK1Y=CFAE_CUK1Y.byannanmode_1.N3EZ4RY.1706060867537&CVID=CVID.534b555a56545e545c54516e06.1706060867537&CVID_Y=CVID_Y.534b555a56545e545c54516e06.1706060867537&CVID_AD=&CVID_E=&new_visit=T&path_role=MEMBER_LOGIN&mem_id=&udim=1600*1200&t=1706060867537&uref=&url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&ttp=bTQg4fW7nq28LhYHFSbiq0KNOrb&mkt_click_type=&mkt_click_id=

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.245.1.130 Siheung-si, Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:47 GMT
last-modified: Wed, 17 Jan 2024 23:52:12 GMT
server: openresty
x-reqid: a668e06a244eb334ca80c3ccc5877092
etag: "65a8682c-0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
x-via: magneto-edge-krknb02-005
accept-ranges: bytes
content-length: 0
x-xss-protection: 1;mode=block

GET
H2 200 init.js Show response
widgets.cre.ma/cafe24/ Frame A2AE 47 B
334 B 795ms
250ms Script
text/javascript 133.186.161.10
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.cre.ma/cafe24/init.js?vs=20200914114920.1&client_id=SdksuzSDEpyhy6OLNQpKXC
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer.php?filename=vVjbcts2EH239drvYN12On2VZbt1Kjcey05m-gaBS3EtAIviIpv5-i5JJY0SixfQ7miGgkScg8Xi7GKBrCQN2dlPLiuc0PBEbps58BSdhOzRZ3j2m5k9-h-yrn4RrZDb7PGfCK7af_08-3X240gkPAdwRii__2MmibYIU1miU0lTmIGcFSYZakiSKRTKkERxNvuFP0mD89tA7hu_WUcbxh-sbi4CBOQOmnuZkIG8aRofMZT3ny5EEDONZgSPwjWj4J7b_ShvHZpQDKAnGWuzrsjpBZngSClw_bhbFf3c2nOH-WaAPTGg6u9VOGo8deJJMYLMSSB7otDAyVoYM8SulkKS1mSG9n4WhqPRsLStgzB8lAYXQFvF6_IySFib3dAaFWR3X-Fb-zq8cgSnKY_8l39CO27AIhpZO7Tul0cOG31UxEMZOoxgqWYPbfR8TaHEp0qRyEeBdAyiHvf92oPbHVucI2BLqipQDZZeDoWIKtQu8Fq4cP6C6v6PJGlV3KBpg78WyZfGsEhrhbUTChlHLgn0zo6BffgMuxKSn1USti__NMoEvQZ3sMjCV0Zmunkxr9srsYPrfBRHi35HaBYlyO3tUwJ60ZF0eodNhF2g5-xTzWMop8z3UovOTHR0yjUYzaYmujYFpVJcep_igSVtkjzXprdEp92BUH8JDQnQD-CwqNrRE-Ar45PsDdGZh-Qc9CUjfE5n_-UVbgg_mbbOlyb339MzgyXj4e1GKEFZePN5lMLkavQ2MmKAXaOrt-PnLTS8mpsUScG1xZb694gRO1gdzKvVMiE-5hsHUJfAS1F17Tx_o5WUf1MUoclHliSL6BwYWWW-JHvKZbqECXi5_3VacP0uwlRLXotmWKlSBq3Y7xgQfH_vhatsoD-h6lhjYcQGXigOmmcyrtVJMvy9Y41IE5IJzoXfQpjO0CG2wRy3--o_lWVBkXP6lLnc8OYpNunzuABLHtPH_4i-XKKfRiApTnCBAwkT4HcNfAsVJ-58Iss9BaEWk2bTxEe6LMFAgVNDoyf393D87kSeLkjeuoiTLsqGZlXSU3ps8OEVb8lGmx6g0bM54DjQdzhlYW6qJW5hny-mKeSAalLsLXEHCs2285w2QK5_YH0NWL2C8PdM92L9KjzXAfQkDzVkFxD4QNhzouvRkRKoxVrBBIusCKUjBac9heCQhT9673QEbBM2urZQOFU9x9Lvgf5pxkVx58XH5f5W6bD-bG6t-LWXDm0YiX6or2Dm_HZlQTb3n4XoKhBeJDnIZNYuBt68OooBrvCZe_4L&type=js&k=71785823c596bd859110fd59ea99c5dacb5e92a6&t=1702944417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.161.10 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: c355a806cad74f9c78813de1da0fdd068a4172573b63c29ef2fe07d7b711c44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime: 0.002800
date: Wed, 24 Jan 2024 01:47:49 GMT
via: 1.1 varnish (Varnish/6.0)
server: nginx
age: 604
etag: W/"c355a806cad74f9c78813de1da0fdd06"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-varnish: 131415077 131053678
cache-control: max-age=600, public
accept-ranges: bytes
content-length: 47
x-request-id: c441e2ee-39d0-4cd2-98ab-cc18d3fab832

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 84ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: m.annanmode.com
URL: https://m.annanmode.com/member/login.html?noMemberOrder&returnUrl=https://halva-4you.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 01:47:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57021
x-xss-protection: 0
pragma: public
x-fb-debug: m18NQ+gjNbG16HxtXwUKU6moMAv1fBUd9eHRvNo3nKAqgq/D07DbKY5WI2gvTcKAJWBrTFhjZd76rOkihiJ4kQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.js Show response
cdn.snapfit.co.kr/script/annanmode.com/ 54 KB
54 KB 2917ms
247ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/script/annanmode.com/main.js?vs=20230516104341.1&client_id=Qm8Cl8euLi5EXok37uWmfJ
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P9NrvUNMWRV8Tp2mDOFgjl-7ziBpJjCgOy4sd7dd3JHvb9SaWJdEBCgO2LPEcjoZnLmRaUYPpxU82LSw0uCFbpxYdBSswfXGpvPhNJy_uh3RoXJAGRJ2-_B3Qtrufn5Nfkx8nIvHVo9Wg3O5GIohqibEswapZr5CgSAo9G6pJkC6UFH4WxUXyC39mTc5PPdnv_GYslYzfW90cPHrJAxoepX2K4r6_-Cx99fTlGjwkjdQTeJTMGIVPfH0c5YyV2hcj6EmEzqwbss2CtLekFNrjuJUK7tKYKyvzcoQ9wUt1fFRhqffUmSPFCNJnnsyZkhrPMtB6jF1bCkFNQ3rs6FfQHI2apW0s-vGz9DiPjVG8Lu-DwJj0njKpMH34Br-1b8ArB3AN5YFvuY000yYsghadQ7txeeCwaQ6KeCzDgBEs1fR5Gz3fUij40iqCfBKoCR66eT9lDu360OIcABtSbSHVaOnlWEBQvnOBa8D6q3dUNz1JZqXsQf-PlJ1zAtGOPepimRCc1GUsS4Me8i4dHlTjY0Vmb1lv-sW6gxoorbvvlXxFNZSLBmgWfSw-D4biAeg1ZqGcjHIIVlSTdOyhKNq39eKos40KpeQktQYl2cdkvzr93xsJX4CLpu1WVefuLT0zGJYaftwMFSqDH_4eFehcTU4FEybg1CZ5jT-Mn9OgP5mbFAng-lDT8cT6nwVT4-QBC7SoBS6C7X7blZXi9B3rXt3DJkO7Zwu4Vou06R9cdtePsMbbfBLHFr2k8lDDdxx3h2hmYP_qVbUt5zPgj98XiVGoB_TB6mc7ouxeBl89Pi4HJgEN5X4nssFMUTkpf35VUOpYaufmrY4m4cXu33nBTTP4WEtORTOux658o7jfl16iOz56YVvj6Q7bSSu0jZn-ezZuK6XZ8E82Ryu0n01wBa5GH88wILbRHKtdyz2XZUGBi3DMu9xz_oBy_ntcoyEn58__WbpqKV0cgaAQ4QKLAiPgDz28xparVR7J8kQe1CLqbfr4mC9L1FjI2NBYQhthwx8W8vmC5MJDnHSl6Gm4A9nMjw3eMcoVmWDmB2hwbA5aDvS1jFmY-3Ypa9zliziF7FFFxd5SrlFJXZOOk-ufsjt7a08g_B3TE2Qn4bn12ER5qCe75o2wVLe6oPk6UiAbyBRGWGTAV5YUno_o3I8t_MHDngNgM6PQbRuFc3Wku34LdJuEdzFqKNp-3-0e9k_C-t0JP3bCSuMnoruDhvSy2_UYFP2hYwFDDcK7JHuZzJjFyONOS8HjjXzlkf8A&type=js&k=d7c18f09cfe7ce87fccdc53387d7966142541d75&t=1702944417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 4bd4369f1b8a975ed0ae3375263b4498d75348a3f11aa157190059785d7f2d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:50 GMT
last-modified: Tue, 16 May 2023 01:43:41 GMT
etag: "6462dfcd:d809"
content-type: application/javascript; charset=utf-8;
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 55305

GET
H2 200 init.js Show response
widgets.cre.ma/cafe24/ 47 B
333 B 629ms
251ms Script
text/javascript 133.186.161.10
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.cre.ma/cafe24/init.js?vs=20200914114920.1&client_id=SdksuzSDEpyhy6OLNQpKXC
Requested by: Host: m.annanmode.com
URL: https://m.annanmode.com/ind-script/optimizer.php?filename=zVjbbuM2EH1P9NrvUNMWRV8Tp2mDOFgjl-7ziBpJjCgOy4sd7dd3JHvb9SaWJdEBCgO2LPEcjoZnLmRaUYPpxU82LSw0uCFbpxYdBSswfXGpvPhNJy_uh3RoXJAGRJ2-_B3Qtrufn5Nfkx8nIvHVo9Wg3O5GIohqibEswapZr5CgSAo9G6pJkC6UFH4WxUXyC39mTc5PPdnv_GYslYzfW90cPHrJAxoepX2K4r6_-Cx99fTlGjwkjdQTeJTMGIVPfH0c5YyV2hcj6EmEzqwbss2CtLekFNrjuJUK7tKYKyvzcoQ9wUt1fFRhqffUmSPFCNJnnsyZkhrPMtB6jF1bCkFNQ3rs6FfQHI2apW0s-vGz9DiPjVG8Lu-DwJj0njKpMH34Br-1b8ArB3AN5YFvuY000yYsghadQ7txeeCwaQ6KeCzDgBEs1fR5Gz3fUij40iqCfBKoCR66eT9lDu360OIcABtSbSHVaOnlWEBQvnOBa8D6q3dUNz1JZqXsQf-PlJ1zAtGOPepimRCc1GUsS4Me8i4dHlTjY0Vmb1lv-sW6gxoorbvvlXxFNZSLBmgWfSw-D4biAeg1ZqGcjHIIVlSTdOyhKNq39eKos40KpeQktQYl2cdkvzr93xsJX4CLpu1WVefuLT0zGJYaftwMFSqDH_4eFehcTU4FEybg1CZ5jT-Mn9OgP5mbFAng-lDT8cT6nwVT4-QBC7SoBS6C7X7blZXi9B3rXt3DJkO7Zwu4Vou06R9cdtePsMbbfBLHFr2k8lDDdxx3h2hmYP_qVbUt5zPgj98XiVGoB_TB6mc7ouxeBl89Pi4HJgEN5X4nssFMUTkpf35VUOpYaufmrY4m4cXu33nBTTP4WEtORTOux658o7jfl16iOz56YVvj6Q7bSSu0jZn-ezZuK6XZ8E82Ryu0n01wBa5GH88wILbRHKtdyz2XZUGBi3DMu9xz_oBy_ntcoyEn58__WbpqKV0cgaAQ4QKLAiPgDz28xparVR7J8kQe1CLqbfr4mC9L1FjI2NBYQhthwx8W8vmC5MJDnHSl6Gm4A9nMjw3eMcoVmWDmB2hwbA5aDvS1jFmY-3Ypa9zliziF7FFFxd5SrlFJXZOOk-ufsjt7a08g_B3TE2Qn4bn12ER5qCe75o2wVLe6oPk6UiAbyBRGWGTAV5YUno_o3I8t_MHDngNgM6PQbRuFc3Wku34LdJuEdzFqKNp-3-0e9k_C-t0JP3bCSuMnoruDhvSy2_UYFP2hYwFDDcK7JHuZzJjFyONOS8HjjXzlkf8A&type=js&k=d7c18f09cfe7ce87fccdc53387d7966142541d75&t=1702944417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.161.10 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: c355a806cad74f9c78813de1da0fdd068a4172573b63c29ef2fe07d7b711c44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-runtime: 0.002533
date: Wed, 24 Jan 2024 01:47:49 GMT
via: 1.1 varnish (Varnish/6.0)
server: nginx
age: 593
etag: W/"c355a806cad74f9c78813de1da0fdd06"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-varnish: 132406953 132448685
cache-control: max-age=600, public
accept-ranges: bytes
content-length: 47
x-request-id: 9bd91362-e774-4541-aa69-e4ad544e990c

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E0AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_cm&google_hm=ay1SeUU5bkN0UUNwektjVE5xYk8yOGZhYlZldkgxV2dSQ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_gid=CAESEOGBDm33IPTd0bOIIYUcpvM&google_cver=1&google_ula=913071,0

43 B
369 B

29ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_gid=CAESEOGBDm33IPTd0bOIIYUcpvM&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 583675
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RyE9nCtQCpzKcTNqbO28fabVevH1WgRB49IyrQ&google_gid=CAESEOGBDm33IPTd0bOIIYUcpvM&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E0AC 43 B
235 B 135ms
39ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xBnn7StQCpzKcTNqbO28fabVevH4vYFG8DXKXg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E0AC
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4997256798920854802

43 B
369 B

30ms
30ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4997256798920854802

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 938800
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
an-x-request-uuid: 72c0b8a2-fea9-4ed7-821b-d58ea77dedfb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4997256798920854802
x-proxy-origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame E0AC 57 B
813 B 119ms
47ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-OWkLSStQCpzKcTNqbO28fabVevH1HzcczErH0A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Wed, 24 Jan 2024 01:47:48 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E0AC 0
239 B 131ms
22ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-jyOiPStQCpzKcTNqbO28fabVevF8m7fJEr9OHA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E0AC 43 B
163 B 144ms
29ms Image
image/gif 89.149.192.200
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-tQkrpCtQCpzKcTNqbO28fabVevHmxeIsBt1lRw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.200 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E0AC 0
99 B 104ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OcoCEitQCpzKcTNqbO28fabVevGM9wqYyqQ_9A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28085

GET
H2 200 um
criteo-sync.teads.tv/ Frame E0AC 23 B
163 B 134ms
47ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-S9OqUStQCpzKcTNqbO28fabVevFB2gDxweGaoA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 24 Jan 2024 01:47:48 GMT
pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame E0AC 37 B
140 B 74ms
22ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-T82SUytQCpzKcTNqbO28fabVevE-_QEQ_Hz1Qw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame E0AC 0
125 B 98ms
22ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-xr2dbStQCpzKcTNqbO28fabVevE3hVcpf53K_Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame E0AC 56 B
319 B 180ms
67ms Image
image/gif 23.48.23.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-xr2dbStQCpzKcTNqbO28fabVevE3hVcpf53K_Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Wed, 24 Jan 2024 01:47:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Wed, 24 Jan 2024 01:47:49 GMT

GET
H2 200 pixel
cm.adform.net/ Frame E0AC 43 B
162 B 123ms
31ms Image
image/gif 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-iRFx3itQCpzKcTNqbO28fabVevE_tE83lcLrhQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2

200

rum
r.casalemedia.com/ Frame E0AC
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw&C=1

43 B
348 B

65ms
65ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NirvqUwCttSn16MLMuZkKkQAS%2F3DI6psiZanysPm40ZUdsPEPHvBxBxVKuIdQg%2Fs7j%2BNGA1lh7oWYod5Gzkn%2FP3dmFulYxutFWo7orZm2dnZ42OCwL1esTPZv4qt8jUQ2hlg"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84a49c4f1b636a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Jde9u1u4GUVnDj9qEgTHnHncTUqO2xGL0ZbTovSPePMHx0BnZUHy%2F3AbhB8ADVPUVjZUsUL1MbUY48W59gzmJIZ1ijNIEirMsW%2FxqOn%2F2dLzxOrKwfaPQ62NHjjfeEbMhD"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-fT-1UCtQCpzKcTNqbO28fabVevH4pOFM0oW_bw&C=1
cache-control: no-cache
cf-ray: 84a49c4ecb236a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame E0AC
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv

42 B
718 B

47ms
47ms

Image
image/gif

52.211.69.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv

Protocol

Server

52.211.69.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-69-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-057f1d7f2.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 9UCjQpeXSXE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-04590bf15.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: tsqCno9MS0Y=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=C2wZHvlAwgnQqCbrCuD4kt-g-kWZvxyv
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame E0AC 43 B
1 KB 83ms
24ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-3EpBGStQCpzKcTNqbO28fabVevFnyHTXccJwsg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame E0AC 43 B
199 B 169ms
48ms Image
image/gif 34.249.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-asMSNytQCpzKcTNqbO28fabVevEdkWMPAA-0ZA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.97.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-97-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 01:47:49 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame E0AC 42 B
265 B 86ms
30ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-uJxxKCtQCpzKcTNqbO28fabVevHb_pW6jQFpJg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E0AC 0
884 B 83ms
24ms Image
text/html 18.158.26.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Qf9wVCtQCpzKcTNqbO28fabVevEK1sYtXQ8aBw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.26.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-26-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:49 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame E0AC 43 B
423 B 581ms
188ms Image
image/gif 54.68.130.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-jnrlbitQCpzKcTNqbO28fabVevGC70owickc8g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.130.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-130-239.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:49 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E0AC 0
145 B 428ms
100ms Image
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-afFJtitQCpzKcTNqbO28fabVevFQdXczHMc1kQ&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 24 Jan 2024 01:47:49 GMT
Cache-Control: no-cache
X-TraceId: 6567dd815a71f745ee19f6d6e334d10a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E0AC 0
225 B 110ms
32ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-KusrtStQCpzKcTNqbO28fabVevFx90-0iXo71g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 01:47:49 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame E0AC 0
35 B 85ms
21ms Image
text/plain 18.153.3.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-K1TVhytQCpzKcTNqbO28fabVevEVW4FzSgiWeA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.3.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-3-226.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:49 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame E0AC 43 B
399 B 355ms
112ms Image
image/gif 2600:1f18:612b:4264:da3:1083:772e:561a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-i8dURStQCpzKcTNqbO28fabVevHTggkZ-bZFEw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:da3:1083:772e:561a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 24 Jan 2024 01:47:49 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame E0AC 43 B
153 B 107ms
38ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-JvSEmCtQCpzKcTNqbO28fabVevGlirm4jCIHKg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 01:47:49 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame E0AC 0
235 B 80ms
29ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-jDXVfCtQCpzKcTNqbO28fabVevFeDLyhuWljtQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Jan 2024 01:47:49 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Tue, 23 Jan 2024 01:47:49 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame E0AC 0
38 B 169ms
45ms Image
text/plain 54.154.71.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-YDDARitQCpzKcTNqbO28fabVevF_AjSF-u9AIg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:49 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame E0AC 0
44 B 77ms
22ms Image
text/plain 52.29.105.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-FjmgrStQCpzKcTNqbO28fabVevFWJgzWUsjoWw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.105.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-105-89.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:49 GMT
server: awselb/2.0

GET
H2 200 445062992556304 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 77ms
77ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/445062992556304?v=2.9.142&r=stable&domain=m.annanmode.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4179344cd505f84981868a42bcf169700f514a8baae143169c32949dc2ffaf6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 01:47:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Yorx3/UsCR9VdmEHBhQu+0AuLkFUPPJ1qUQgUzKe1YTkPgPJsGWhHc6hMGk9UbU8rHyBgvok9QuMube2SJT3Dg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame E0AC 43 B
1 KB 66ms
65ms Image
image/gif 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-VkFnwytQCpzKcTNqbO28fabVevGW7wnH_iyZDw

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:48 GMT
an-x-request-uuid: 11d14598-e115-470b-814b-1424069e8c3f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.27; 217.114.218.27; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame E0AC 0
15 B 29ms
22ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-xr2dbStQCpzKcTNqbO28fabVevE3hVcpf53K_Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 102ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=445062992556304&ev=PageView&dl=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&rl=&if=false&ts=1706060868944&sw=1600&sh=1200&ud[external_id]=7a0848c29fdfe97876d04155190ab19f182221ceba0bcbf83e0ccfb6a8414216&v=2.9.142&r=stable&a=plcafe24_mc&ec=0&o=4126&fbp=fb.1.1706060868943.495448287&ler=empty&it=1706060868840&coo=false&tm=1&exp=d2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Jan 2024 01:47:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E0AC
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xIewRKmYehxbgGw4GmOQFpB6MVU0HFgi

0
338 B

159ms
45ms

Image
text/plain

52.31.7.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xIewRKmYehxbgGw4GmOQFpB6MVU0HFgi
Protocol: H2
Server: 52.31.7.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-7-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Wed, 24 Jan 2024 01:47:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1706060869
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xIewRKmYehxbgGw4GmOQFpB6MVU0HFgi
date: Wed, 24 Jan 2024 01:47:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 681537
content-length: 0

GET
H2 200 info.json Show response
cdn.snapfit.co.kr/script/annanmode.com/ 878 B
1 KB 749ms
263ms Fetch
application/json 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/script/annanmode.com/info.json?1706060872207
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/script/annanmode.com/main.js?vs=20230516104341.1&client_id=Qm8Cl8euLi5EXok37uWmfJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 7b35477c513fa53f0bf8444dced2f43b73f268889523c094b3083ea3c2f939bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:52 GMT
last-modified: Tue, 16 May 2023 01:43:41 GMT
etag: "6462dfcd:36e"
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 878

POST
H3 204 collect
region1.google-analytics.com/g/ Frame A2AE 0
17 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-11TYN7YX3N&gtm=45je41h0v9125420666&_p=1706060867314&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1367821912.1706060864&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1706060866&sct=1&seg=1&dl=https%3A%2F%2Fm.annanmode.com%2Fprotected%2FloginSns.html%3F__popupPage%3DT&dr=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&dt=%EC%95%88%EB%82%98%EC%95%A4%EB%AA%A8%EB%93%9C&en=page_view&tfd=5935
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-11TYN7YX3N&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 01:47:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.annanmode.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MEMBER_LOGIN.json Show response
cdn.snapfit.co.kr/script/annanmode.com/pc/ 2 B
67 B 241ms
241ms Fetch
application/json 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/script/annanmode.com/pc/MEMBER_LOGIN.json?4
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/script/annanmode.com/main.js?vs=20230516104341.1&client_id=Qm8Cl8euLi5EXok37uWmfJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:52 GMT
last-modified: Tue, 16 May 2023 01:43:19 GMT
etag: "6462dfb7:2"
content-type: application/json; charset=utf-8;
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 2

GET
H2 200 spm_f_common.js Show response
cdn.snapfit.co.kr/js/ 81 KB
81 KB 250ms
249ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/script/annanmode.com/main.js?vs=20230516104341.1&client_id=Qm8Cl8euLi5EXok37uWmfJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: c875bf5170ca3c81f63363a8368862f47a98f46aa16d228343ac9403554b9970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:52 GMT
last-modified: Tue, 19 Sep 2023 05:02:28 GMT
etag: "65092b64:1443c"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 83004

GET
H2 200 sf_init_snapq_detail.js Show response
snapfit.co.kr/js/ 19 KB
3 KB 1735ms
300ms Script
text/html 3.37.189.137

General

Check archive.org

Show headers Download Go to

Full URL: https://snapfit.co.kr/js/sf_init_snapq_detail.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/script/annanmode.com/main.js?vs=20230516104341.1&client_id=Qm8Cl8euLi5EXok37uWmfJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.189.137 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: a3783b165f1dd675afff59d44fbf4efc465f6401d6f5e32fdb2c35cfdecf7767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:54 GMT
content-encoding: gzip
server: Apache
content-length: 3418
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 init_info_spm_localpush Show response
push.snapfit.co.kr/Spm_Mgr/ 2 KB
1 KB 959ms
356ms Script
text/html 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/Spm_Mgr/init_info_spm_localpush?url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&referrerUrl=&device_type=pc&current_domain=m.annanmode.com&referrer_domain=&user_agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.224%20Safari/537.36&browser=chrome&os=windows%2010%2064bit&device=desktop&store_username=&chart_id=&draw_target=iframe&user_id=&page_type=sq_login_page&solution_type=cafe24&spm_user_id_pc=&spm_user_id_m=&is_request_sync_id=&spm_fcm_id=&todayBannerStatus=&sf_store_name=annanmode
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7bc5ac01366b0ab538628362630b341b57d3ed52448e258e57dd2b945ec7d2db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT
p3p: CP = " IDC DSP COR ADM Devi Taii PSA PSD IvaÃ IVDi CONi HIS OUR IND CNT "
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: max-age=0
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 523
expires: Wed, 24 Jan 2024 01:47:55 GMT

GET
H2 200 join_cafe.js Show response
push.snapfit.co.kr/js/push/ 14 KB
3 KB 895ms
291ms Script
text/javascript 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/js/push/join_cafe.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f5785fb5afc1e4b544432f919b3ae7f17e45feaa7263437f3f5093ae62cda09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
content-encoding: gzip
last-modified: Fri, 29 Jan 2021 00:45:17 GMT
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 3080
expires: Wed, 24 Jan 2024 01:47:55 GMT

GET
H2 200 return_push.js Show response
cdn.snapfit.co.kr/js/push/ 15 KB
15 KB 245ms
244ms Script
application/vnd.android.package-archive 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/push/return_push.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 8ef5b1a82a19c31f7f6b2e195469a94b781bdc74bfb59532b907bf19cdb781d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:53 GMT
last-modified: Tue, 19 Sep 2023 05:03:10 GMT
etag: "65092b8e:3aaa"
content-type: application/vnd.android.package-archive
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 15018

GET
H2 200 push_popup.js Show response
cdn.snapfit.co.kr/js/push/ 6 KB
6 KB 246ms
245ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/push/push_popup.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 45188e48b2772cf431b8358478a0ebd04d443f265c01b3df58db82e24868a9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:53 GMT
last-modified: Wed, 30 Mar 2022 02:37:14 GMT
etag: "6243c25a:1876"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 6262

GET
H2 200 frame_push.js Show response
cdn.snapfit.co.kr/js/push/ 2 KB
3 KB 488ms
488ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/push/frame_push.js
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: c8c58d04f7a14ba57a9609d0378d61e04aeed81184c42b10b86ea49c95570524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:53 GMT
last-modified: Thu, 28 Jan 2021 01:43:59 GMT
etag: "601216df:9ff"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 2559

GET
H2 200 annanmode Show response
push.snapfit.co.kr/custom/js/ 0
142 B 892ms
289ms Script
text/javascript 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/custom/js/annanmode
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript;charset=UTF-8
date: Wed, 24 Jan 2024 01:47:55 GMT
cache-control: no-cache, max-age=0
server: Apache/2.4.18 (Ubuntu)
content-length: 0
expires: Wed, 24 Jan 2024 01:47:55 GMT

GET
H2 200 init_detail_view Show response
snapfit.co.kr/Sq_detail_view/ 0
93 B 326ms
325ms Script
text/html 3.37.189.137

General

Check archive.org

Show headers Download Go to

Full URL: https://snapfit.co.kr/Sq_detail_view/init_detail_view?url=https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F&device_type=pc&store_username=annanmode&user_id=null&referer=&solution_type=cafe24
Requested by: Host: snapfit.co.kr
URL: https://snapfit.co.kr/js/sf_init_snapq_detail.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.189.137 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Jan 2024 01:47:55 GMT
server: Apache
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 make_frame_form Show response
push.snapfit.co.kr/Spm_Mgr/ Frame F179 5 KB
2 KB 307ms
306ms Document
text/html 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/Spm_Mgr/make_frame_form?%7B%22sf_store_name%22%3A%22annanmode%22%2C%22device_type%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22adminPushID%22%3A%22%22%2C%22solution_type%22%3A%22cafe24%22%2C%22page_type%22%3A%22sq_login_page%22%2C%22referrerUrl%22%3A%22%22%2C%22todayBannerStatus%22%3A%22%22%2C%22spmislive%22%3A%221%22%2C%22useKakao%22%3A%220%22%2C%22useDelegate%22%3A%220%22%2C%22kakaoDevKey%22%3A%22%22%2C%22kakaoDelegate%22%3A%221%22%2C%22bannerDelegate%22%3A%220%22%2C%22delegateBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_delegate_banner.jpg%22%2C%22delegateBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fdelegate_ico.png%22%2C%22kakaoBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_kakao_banner.jpg%22%2C%22kakaoBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fkakao_ico.png%22%2C%22delegateBannerLogin%22%3Afalse%2C%22idsyncstatus%22%3A%22%22%2C%22user_id%22%3Anull%2C%22spm_spmuserid_pc%22%3A%22c0d39d5b53ebd438dc850bebbb6ddabd%22%2C%22spm_spmuserid_m%22%3A%22%22%2C%22pageinfo%22%3A%7B%22pagetype%22%3A%22sq_login_page%22%2C%22cate%22%3A%22sq_login_page%22%2C%22itemcate%22%3Anull%7D%2C%22pushlogo%22%3A%22%2F%2Fcdn.snapfit.co.kr%2Fimage%2Fpushlogo%2Fpush_logo2.png%22%2C%22result%22%3A%22success%22%7D
Requested by: Host: cdn.snapfit.co.kr
URL: https://cdn.snapfit.co.kr/js/spm_f_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6fc052c3766e0a6cf21c6b6edfa55bc0103100d5ae2775e476ee666b8d5059ab

Request headers

Referer: https://m.annanmode.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
cache-control: max-age=0
content-encoding: gzip
content-length: 1747
content-type: text/html; charset=UTF-8
date: Wed, 24 Jan 2024 01:47:55 GMT
expires: Wed, 24 Jan 2024 01:47:55 GMT
p3p: CP = " IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT "
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 push_logo2.png
cdn.snapfit.co.kr/image/pushlogo/ 5 KB
5 KB 248ms
247ms Image
image/png 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.snapfit.co.kr/image/pushlogo/push_logo2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 2b987a86cd72159b3d900759b83d53b8d4c6ddf1944c8329d21b5ffd8474df41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:54 GMT
last-modified: Tue, 04 May 2021 09:56:06 GMT
etag: "60911a36:12c2"
content-type: image/png
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 4802

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ Frame F179 85 KB
27 KB 92ms
35ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: push.snapfit.co.kr
URL: https://push.snapfit.co.kr/Spm_Mgr/make_frame_form?%7B%22sf_store_name%22%3A%22annanmode%22%2C%22device_type%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22adminPushID%22%3A%22%22%2C%22solution_type%22%3A%22cafe24%22%2C%22page_type%22%3A%22sq_login_page%22%2C%22referrerUrl%22%3A%22%22%2C%22todayBannerStatus%22%3A%22%22%2C%22spmislive%22%3A%221%22%2C%22useKakao%22%3A%220%22%2C%22useDelegate%22%3A%220%22%2C%22kakaoDevKey%22%3A%22%22%2C%22kakaoDelegate%22%3A%221%22%2C%22bannerDelegate%22%3A%220%22%2C%22delegateBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_delegate_banner.jpg%22%2C%22delegateBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fdelegate_ico.png%22%2C%22kakaoBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_kakao_banner.jpg%22%2C%22kakaoBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fkakao_ico.png%22%2C%22delegateBannerLogin%22%3Afalse%2C%22idsyncstatus%22%3A%22%22%2C%22user_id%22%3Anull%2C%22spm_spmuserid_pc%22%3A%22c0d39d5b53ebd438dc850bebbb6ddabd%22%2C%22spm_spmuserid_m%22%3A%22%22%2C%22pageinfo%22%3A%7B%22pagetype%22%3A%22sq_login_page%22%2C%22cate%22%3A%22sq_login_page%22%2C%22itemcate%22%3Anull%7D%2C%22pushlogo%22%3A%22%2F%2Fcdn.snapfit.co.kr%2Fimage%2Fpushlogo%2Fpush_logo2.png%22%2C%22result%22%3A%22success%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 80150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27433
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4u4ym%2FftdmBjgcaN%2BOQsGSKG4MlOu0HBgEpeuQS1JamYpBRkP45sP6CBZ9XcDCXjCLRy8yfaMxVnnOUxbXVbOGtBTGrCZse2KPG5o2EHLru5MM2ZaYsVbHh5C0x4EVFv1bmOuP4uOgh1dReIVGwXAnM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a49c795d8c2bf0-FRA
expires: Mon, 13 Jan 2025 01:47:55 GMT

GET
H2 200 swiper.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.1.6/js/ Frame F179 234 KB
37 KB 86ms
30ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.1.6/js/swiper.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a6034cfa207c5f6437c210dfc281a3ed312b26c5b0ea227a8fbb83723d179634

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4821868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 36873
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-3a9f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T16wREdDVxakrfnBp0yBGSO8ZyupTQuCwL4fh1Lw0DCUYhRR3hFxYtIsW7eBzd4qjMf7rLo5OOT%2B8DaGt9Q4GZHgAUrADc6FzVbpuAL10c3FOX9fopZnJSBEzLdDKQ3SBMdWsg2aVoo4x3m68wa35amS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a49c795d8a2bf0-FRA
expires: Mon, 13 Jan 2025 01:47:55 GMT

GET
H2 200 spm_d_common.js Show response
cdn.snapfit.co.kr/js/ Frame F179 20 KB
20 KB 251ms
249ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/spm_d_common.js?v=20200826
Requested by: Host: push.snapfit.co.kr
URL: https://push.snapfit.co.kr/Spm_Mgr/make_frame_form?%7B%22sf_store_name%22%3A%22annanmode%22%2C%22device_type%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22adminPushID%22%3A%22%22%2C%22solution_type%22%3A%22cafe24%22%2C%22page_type%22%3A%22sq_login_page%22%2C%22referrerUrl%22%3A%22%22%2C%22todayBannerStatus%22%3A%22%22%2C%22spmislive%22%3A%221%22%2C%22useKakao%22%3A%220%22%2C%22useDelegate%22%3A%220%22%2C%22kakaoDevKey%22%3A%22%22%2C%22kakaoDelegate%22%3A%221%22%2C%22bannerDelegate%22%3A%220%22%2C%22delegateBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_delegate_banner.jpg%22%2C%22delegateBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fdelegate_ico.png%22%2C%22kakaoBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_kakao_banner.jpg%22%2C%22kakaoBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fkakao_ico.png%22%2C%22delegateBannerLogin%22%3Afalse%2C%22idsyncstatus%22%3A%22%22%2C%22user_id%22%3Anull%2C%22spm_spmuserid_pc%22%3A%22c0d39d5b53ebd438dc850bebbb6ddabd%22%2C%22spm_spmuserid_m%22%3A%22%22%2C%22pageinfo%22%3A%7B%22pagetype%22%3A%22sq_login_page%22%2C%22cate%22%3A%22sq_login_page%22%2C%22itemcate%22%3Anull%7D%2C%22pushlogo%22%3A%22%2F%2Fcdn.snapfit.co.kr%2Fimage%2Fpushlogo%2Fpush_logo2.png%22%2C%22result%22%3A%22success%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: 0ba1e581b5248d1e13e23fadcd76bdd0ab1bd480b3309515ce68ee9a97e5b5cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
last-modified: Thu, 03 Sep 2020 01:50:43 GMT
etag: "5f504bf3:5141"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 20801

GET
H3 200 css
fonts.googleapis.com/ Frame F179 3 KB
679 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed06cb7e07f6273a1f366bafc7975082b76f5257b724ecfe805070b086554dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 01:30:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 01:47:56 GMT

GET
H3 200 icon
fonts.googleapis.com/ Frame F179 569 B
366 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 01:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 01:47:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 01:47:56 GMT

GET
H2 200 spm_d_banner.js Show response
cdn.snapfit.co.kr/js/ Frame F179 17 KB
17 KB 248ms
248ms Script
application/javascript 112.214.46.111
CNM-AS-KR DLIVE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.snapfit.co.kr/js/spm_d_banner.js?v=20210901
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 112.214.46.111 Guro-gu, Korea, Republic Of, ASN10036 (CNM-AS-KR DLIVE, KR),
Reverse DNS
Software: /
Resource Hash: c02c3848bb2ddc2f5ee9c5164c86d37ac3310c522399e21a436a16cbab49c61e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:55 GMT
last-modified: Thu, 30 Mar 2023 03:02:38 GMT
etag: "6424fbce:4439"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: must-revalidate, public, max-age=604800
accept-ranges: bytes
content-length: 17465

GET
H2 200 get_banner Show response
push.snapfit.co.kr/Spm_Mgr/ Frame F179 0
307 B 315ms
314ms Script
text/html 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/Spm_Mgr/get_banner?sf_store_name=annanmode&device_type=pc&pagetype=sq_login_page&itemno=&cateno=sq_login_page&itemcate=&user_id=&spm_spmuserid_pc=c0d39d5b53ebd438dc850bebbb6ddabd&spm_spmuserid_m=&adminPushID=&referrerUrl=&currentUrl=https%253A%252F%252Fm.annanmode.com%252Fmember%252Flogin.html%253FnoMemberOrder%2526returnUrl%253Dhttps%253A%252F%252Fhalva-4you.ru%252F&todayShowBanner=&basket_total=&_=1706060875794
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://push.snapfit.co.kr/Spm_Mgr/make_frame_form?%7B%22sf_store_name%22%3A%22annanmode%22%2C%22device_type%22%3A%22pc%22%2C%22url%22%3A%22https%3A%2F%2Fm.annanmode.com%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%22%2C%22adminPushID%22%3A%22%22%2C%22solution_type%22%3A%22cafe24%22%2C%22page_type%22%3A%22sq_login_page%22%2C%22referrerUrl%22%3A%22%22%2C%22todayBannerStatus%22%3A%22%22%2C%22spmislive%22%3A%221%22%2C%22useKakao%22%3A%220%22%2C%22useDelegate%22%3A%220%22%2C%22kakaoDevKey%22%3A%22%22%2C%22kakaoDelegate%22%3A%221%22%2C%22bannerDelegate%22%3A%220%22%2C%22delegateBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_delegate_banner.jpg%22%2C%22delegateBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fdelegate_ico.png%22%2C%22kakaoBannerImage%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fnew_kakao_banner.jpg%22%2C%22kakaoBannerIcon%22%3A%22%2F%2Fsnapvi.ecn.cdn.infralab.net%2Fsnapfit%2Fimage%2Fkakao_ico.png%22%2C%22delegateBannerLogin%22%3Afalse%2C%22idsyncstatus%22%3A%22%22%2C%22user_id%22%3Anull%2C%22spm_spmuserid_pc%22%3A%22c0d39d5b53ebd438dc850bebbb6ddabd%22%2C%22spm_spmuserid_m%22%3A%22%22%2C%22pageinfo%22%3A%7B%22pagetype%22%3A%22sq_login_page%22%2C%22cate%22%3A%22sq_login_page%22%2C%22itemcate%22%3Anull%7D%2C%22pushlogo%22%3A%22%2F%2Fcdn.snapfit.co.kr%2Fimage%2Fpushlogo%2Fpush_logo2.png%22%2C%22result%22%3A%22success%22%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:56 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-methods: GET, POST, PUT
p3p: CP = " IDC DSP COR ADM Devi Taii PSA PSD IvaÃ IVDi CONi HIS OUR IND CNT "
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: max-age=0
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
expires: Wed, 24 Jan 2024 01:47:56 GMT

GET
H2 200 join_cafe_init.js Show response
push.snapfit.co.kr/js/push/ Frame A2AE 449 B
495 B 288ms
287ms Script
text/javascript 54.180.111.109

General

Check archive.org

Show headers Download Go to

Full URL: https://push.snapfit.co.kr/js/push/join_cafe_init.js
Requested by: Host: push.snapfit.co.kr
URL: https://push.snapfit.co.kr/js/push/join_cafe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.180.111.109 -, , ASN (),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: de40af2117ef6af64db6544937cd43c81bc626d032e7d140cc55275b6e35ad08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.annanmode.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 01:47:57 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 05:10:23 GMT
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: max-age=0
accept-ranges: bytes
content-length: 256
expires: Wed, 24 Jan 2024 01:47:57 GMT

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.m.annanmode.com/	1969-12-31 23:59:59	Name: fb_event_id Value: event_id.byannanmode.1.13Z0JWZPOWHB15U2XZZQQBGIMWMOBJ2O93
.m.annanmode.com/	1970-01-21 03:30:20	Name: _fwb Value: 147GYd1vDnaFFMnvbUAn1iy.1706060864253
m.annanmode.com/	1969-12-31 23:59:59	Name: keepgrowUserData Value: {"kg_user":{"uuid":"c8913394-4618-4d61-8963-83be1799b662","is_member":"","member_type":"","create_date":"","last_login_date":""},"kg_product":{"page_view_count":0,"last_create_date":""},"kg_order":{"initiate_checkout":0,"payment_count":0,"last_create_date":""}}
.m.annanmode.com/	1969-12-31 23:59:59	Name: fb_external_id Value: 7a0848c29fdfe97876d04155190ab19f182221ceba0bcbf83e0ccfb6a8414216
.annanmode.com/	1970-01-21 03:30:20	Name: _ga_EPZ9YE2TZX Value: GS1.1.1706060864.1.0.1706060864.0.0.0
.annanmode.com/	1970-01-20 17:55:47	Name: _gid Value: GA1.2.96583092.1706060865
.annanmode.com/	1970-01-20 17:54:20	Name: _gat_gtag_UA_109755209_1 Value: 1
m.annanmode.com/	1969-12-31 23:59:59	Name: ec_ipad_device Value: F
m.annanmode.com/	1970-01-20 17:55:47	Name: return_url Value: https://halva-4you.ru/
.annanmode.com/	1970-01-20 20:03:56	Name: _gcl_au Value: 1.1.1677983411.1706060867
.annanmode.com/	1970-01-20 17:54:20	Name: _gat_tracker0 Value: 1
.criteo.com/	1970-01-21 03:15:56	Name: uid Value: cd0e383b-7746-4276-ac9e-354c9e173646
.criteo.com/	1970-01-21 03:15:56	Name: receive-cookie-deprecation Value: 1
.tiktok.com/	1970-01-21 03:15:56	Name: _ttp Value: 2bNgI1vXZKiJVycbH005H7j7R4c
.annanmode.com/	1970-01-21 03:23:44	Name: cto_bundle Value: P8nHaF9nc3FOJTJGdEJRc1RVYlgwTWdkcWtSOUJhd1QyeEdVRnNoSmRBUkJZVzJkTyUyQnNaU01VUiUyQld6TzhmMFpaOGJIWGNRWUxFYiUyRnhUemJPMnBScXV1N1daZkxMdFZHZjlvZjlsQ0szdlY0VWdJREJLbGR6V1pEck8zYUxjc2RLRkUxeHhvdkRpcEZndGtMU3ZLVFElMkJjbjNocGZnJTNEJTNE
.wcs.naver.com/	1970-01-21 03:30:20	Name: NWB Value: 09606abe158f79849ef9c5cacb6950dc.1706060866575
.annanmode.com/	1970-01-21 03:15:56	Name: _tt_enable_cookie Value: 1
.annanmode.com/	1970-01-21 03:15:56	Name: _ttp Value: bTQg4fW7nq28LhYHFSbiq0KNOrb
.annanmode.com/	1970-01-20 17:54:20	Name: _gat_gtag_UA_180717160_1 Value: 1
.annanmode.com/	1970-01-21 03:30:20	Name: CUK45 Value: cuk45_byannanmode_b41dd8e35fb587ddfa6a5430e748bf2b
.annanmode.com/	1970-01-21 03:30:20	Name: CUK2Y Value: cuk2y_byannanmode_b41dd8e35fb587ddfa6a5430e748bf2b
.annanmode.com/	1969-12-31 23:59:59	Name: CID Value: CIDd30142e73d401645bfec1d7b334192cb
.annanmode.com/	1969-12-31 23:59:59	Name: CIDd30142e73d401645bfec1d7b334192cb Value: 70e12250c5e19b21bde507491b753c3c%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A%2Fmember%2Flogin.html%3FnoMemberOrder%26amp%3BreturnUrl%3Dhttps%3A%2F%2Fhalva-4you.ru%2F%3A%3A1706060866%3A%3A%3A%3Apmdp%3A%3A1706060866%3A%3A%3A%3A%3A%3A%3A%3A
.annanmode.com/	1969-12-31 23:59:59	Name: vt Value: 1706060866
.annanmode.com/	1969-12-31 23:59:59	Name: ECSESSID Value: 575a9a43b4cc874e1911a85478122e04
.annanmode.com/	1970-01-20 17:54:24	Name: basketcount_1 Value: 0
.annanmode.com/	1970-01-20 17:54:24	Name: basketprice_1 Value: 0%EC%9B%90
.annanmode.com/	1970-01-20 18:04:25	Name: wish_id Value: b671ad5a46cb3b1e413c377b3bf16800
.annanmode.com/	1970-01-20 17:55:47	Name: wishcount_1 Value: 0
.annanmode.com/	1970-01-20 17:54:24	Name: isviewtype Value: mob
m.annanmode.com/	1970-01-21 03:30:20	Name: wcs_bt Value: s_f96c030ce03:1706060867
.m.annanmode.com/	1970-01-20 18:04:25	Name: dmp_uid_checker Value: DUMMY_FOR_COOKIE_SYNC_CHECK
.m.annanmode.com/	1970-01-20 22:13:32	Name: recopick_uid Value: 60690021.1706060867188
.annanmode.com/	1970-01-21 03:30:20	Name: _ga_11TYN7YX3N Value: GS1.1.1706060866.1.1.1706060867.0.0.0
.annanmode.com/	1970-01-21 03:30:20	Name: _ga Value: GA1.1.1367821912.1706060864
.m.annanmode.com/	1969-12-31 23:59:59	Name: CFAE_CID Value: CFAE_CID.byannanmode_1.N3EZ4RY.1706060867537
.m.annanmode.com/	1970-01-21 02:39:56	Name: CFAE_CUK1Y Value: CFAE_CUK1Y.byannanmode_1.N3EZ4RY.1706060867537
.m.annanmode.com/	1970-01-20 18:59:08	Name: CFAE_CUK45 Value: CFAE_CUK45.byannanmode_1.N3EZ4RY.1706060867537
.m.annanmode.com/	1969-12-31 23:59:59	Name: CFAE_LC Value: CFAE_LC.byannanmode_1.N3EZ4RY.1706060867537
.m.annanmode.com/	1969-12-31 23:59:59	Name: CVID Value: CVID.534b555a56545e545c54516e06.1706060867537
.m.annanmode.com/	1970-01-21 02:39:56	Name: CVID_Y Value: CVID_Y.534b555a56545e545c54516e06.1706060867537
.skplanet.com/	1970-01-21 02:39:56	Name: DMP_UID Value: (DMPC)b4a86f57-fe12-4a30-945d-c3fdf34b08c0
.recopick.com/	1970-01-20 18:04:25	Name: dmp_uid Value: KERNUEMpYjRhODZmNTctZmUxMi00YTMwLTk0NWQtYzNmZGYzNGIwOGMw
.adnxs.com/	1970-01-20 20:03:56	Name: XANDR_PANID Value: pUOre5DCpzdOsrKMEUdGyfZkt_6PnZL6AJ3Pj2FPFWMVzDkcBGw9anC0F_eJ54KAq7zwH2Nr3yk6eHZbXBLtHfucdCpwkPZ2S8PhStpwMhw.
.adnxs.com/	1970-01-21 03:30:20	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:03:56	Name: uuid2 Value: 4997256798920854802
.doubleclick.net/	1970-01-21 03:15:56	Name: IDE Value: AHWqTUl9Pvdz9_kRyHbKLP22-6b19MLuLvEiAcnV5QjBHcxqcw9qC5DOKSHsvlCTHSE
.media.net/	1970-01-21 02:39:56	Name: visitor-id Value: 3490624688281181000V10
.media.net/	1970-01-20 18:37:32	Name: data-c-ts Value: 1706060868
.media.net/	1970-01-20 18:37:32	Name: data-c Value: k-OWkLSStQCpzKcTNqbO28fabVevH1HzcczErH0A~~3
.demdex.net/	1970-01-20 22:13:32	Name: demdex Value: 62875128714319145142468747757112758798
.adnxs.com/	1970-01-20 20:03:56	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Hb7_5%?A!1yIE`TLrfSBBmHfSYlHK3?HB21%HR[>I`ssPM@5rTyM=JAIIIy>5dhlzyA]Km3OLCLvn-($JP(hw9P-HC_#tx$>+fSL*
.annanmode.com/	1970-01-20 20:03:56	Name: _fbp Value: fb.1.1706060868943.495448287
.casalemedia.com/	1970-01-21 02:39:56	Name: CMID Value: ZbBsRLF.zcBkkRBdkJET.gAA
.casalemedia.com/	1970-01-20 20:03:56	Name: CMPS Value: 3191
.casalemedia.com/	1970-01-20 20:03:56	Name: CMPRO Value: 3191
.dpm.demdex.net/	1970-01-20 22:13:32	Name: dpm Value: 62875128714319145142468747757112758798
exchange.mediavine.com/	1970-01-20 18:14:30	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22941fd080-ba5a-11ee-8839-1964656c9cb5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:14:30	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22941fd080-ba5a-11ee-8839-1964656c9cb5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:14:30	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22941fd080-ba5a-11ee-8839-1964656c9cb5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:14:30	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22941fd080-ba5a-11ee-8839-1964656c9cb5%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:14:30	Name: criteo Value: %7B%22id%22%3A%22k-Qf9wVCtQCpzKcTNqbO28fabVevEK1sYtXQ8aBw%22%2C%22version%22%3A%22criteo%22%7D
.krxd.net/	1970-01-20 22:13:32	Name: _kuid_ Value: QDdCur7p
.tremorhub.com/	1970-01-21 02:40:17	Name: tvid Value: b13d20a3f32b40f3b5fca223ab31bce8
.tremorhub.com/	1970-01-20 18:37:32	Name: tv_UICR Value: k-i8dURStQCpzKcTNqbO28fabVevHTggkZ-bZFEw
.postrelease.com/	1970-01-21 02:39:56	Name: opt_out Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://m.annanmode.com/web/upload/dfloor_apps/banner/bdTwqfBUWXPHNS8qTNHcsNMy.js?v=0.4502673433026878 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
analytics.pangle-ads.com
analytics.tiktok.com
api.recopick.com
bc.ad.daum.net
beacon.krxd.net
cdn.jsdelivr.net
cdn.snapfit.co.kr
cdnjs.cloudflare.com
cfa-js.cafe24.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
idm.skplanet.com
img.echosting.cafe24.com
jadserve.postrelease.com
lc.recopick.com
login2.cafe24ssl.com
m.annanmode.com
malog.byapps.co.kr
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
optimizer.poxo.com
pixel.rubiconproject.com
push.snapfit.co.kr
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
snapfit.co.kr
sslwidget.criteo.com
static.criteo.com
static.recopick.com
stats.g.doubleclick.net
storage.keepgrow.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t1.daumcdn.net
t1.kakaocdn.net
ups.analytics.yahoo.com
wcs.naver.com
wcs.naver.net
widget.as.criteo.com
widgets.cre.ma
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
1.234.81.14
104.126.37.147
104.18.36.155
112.214.46.111
115.68.78.52
133.186.161.10
141.226.228.48
141.95.98.65
142.250.186.98
178.250.1.9
18.153.3.226
18.158.26.107
18.245.60.41
18.245.86.42
182.161.74.16
184.30.17.243
184.30.20.22
185.64.191.210
185.89.210.46
193.108.153.24
2.16.97.41
2001:4860:4802:34::36
203.245.1.130
210.114.0.217
210.89.167.46
211.249.221.187
23.48.23.20
23.48.23.45
2600:1f18:612b:4264:da3:1083:772e:561a
2600:9000:236e:b400:f:9b8:8140:93a1
2606:4700::6810:5814
2606:4700::6811:190e
2a00:1450:4001:802::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9b
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3100::1735:2868
2a02:26f0:3100::1735:2899
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.37.189.137
3.75.62.37
34.117.157.22
34.249.97.40
35.214.149.91
37.157.2.228
52.192.70.152
52.211.69.160
52.29.105.89
52.31.7.212
54.154.71.202
54.180.111.109
54.248.102.124
54.68.130.239
61.74.67.204
64.202.112.95
69.173.144.165
72.247.153.218
76.223.111.18
85.215.5.31
89.149.192.200
01f689be7001469ec24b50b6b1d2ccdaffc6af6c34120167f9a80ec832bfa37a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a4908b7e76204a1a6179ae49399342304fd917dd27bd012c156c133b473b30
06c161d8fed0f9619296d18e38834961179e25c2f8ce2356972be701a0cc680a
09d6750e3904c7220f0714cd026541a6727a42c3fed2e275769cfa88de8abf5a
0ba1e581b5248d1e13e23fadcd76bdd0ab1bd480b3309515ce68ee9a97e5b5cd
0d8f1e9f5418eb1ed8419bd7ed548bc711b06503620133d211dc124c551fbbb6
0e4fbf917b025232a8b114481aa23c2e82aefc9a55ded5e7256c3d948775eb5d
0fb29d27ee77f585487e0b61e22ed1e9422ff8840d9bb9b1b470cc796846a936
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
1609d044b3046d3d846de7ae5c9991dc6d80466570c310307263066dec700f69
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
175ee81a2078d252e11bbbc74225f695530327c32931c78ec6c0bea01b2769a8
17b214b4e252dff5b5e023943c9d0e686579aaa1e15f1074b80fb79224436367
182c92dc0256db9aaf69da4efa99d911cdfe547974b302bcf1b3a06acf2a12e0
1f7633fc4a5200255ee107b1ca44374e6e2ecd939da8220f843ad010ad3e01f1
22fb1da959aa34531d6a03ec942e42e51973b25e90ac722dbbf4a6dc2013714a
260a15f51cf89f393427f3d4bcf873f568032f5376fe3a3d5e72aa756df7903e
29af8dc03c14140acbeafc1cd9c088ba967314b6e9c09163927c5e36ccf7ca5f
29b21592fff4ab119700e288a5a33da93b7b4adb8c6958305c1447f399df7142
2b987a86cd72159b3d900759b83d53b8d4c6ddf1944c8329d21b5ffd8474df41
31c4382630804d018ff6b6d91b1c7d8b42410c93e8b8ecfb2034cf79cb37155c
31e2d07d2cb32d7d836521305c66e9d452761e54a55d26702d557668aeddca19
32805bc07abd36124605ffcf00c3cb96ec1b2d49015c810cda213eae8ac81ea8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
377b1cab84eff8ab7ae41600307bb1cae178f2dea582d2658133a628cb42b65b
37a905a49e746668a0eadab1a32cbb454c9daf03637f14638e596c8c601cd7a1
37bca63e9aae5856a9634aa38705292017a3c1cc22be1bfc966edea1c873ba7b
388ed79430f5ef5c5f78f0cbebec573610bd0824cb5ff1fe698b3ba433175a27
399f942cc739d9681501935cff722744e61477165db86bfff5fdd7a4b198b777
39bf82b97b4ed560fd147cce21860281e92ed35e754959accb2e318da21e1b20
40e528826d57846f7de64215f54865cec19b8235a4dd0d6f725652d230d2f025
4179344cd505f84981868a42bcf169700f514a8baae143169c32949dc2ffaf6f
4274a8517ab6de432e5c268c7be4d3714e4ebf0195304fac838e0a554575afa0
42d84513bec1befce1a70b5db5000195e910d2806bae16e6152b5f01e6cd2914
45188e48b2772cf431b8358478a0ebd04d443f265c01b3df58db82e24868a9e2
46b93f047733a93e1ce624058d49998efdb3d5d31f4f47db0700e689a7e7437a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcc4e96f1cf00230baefd446120c1e0d85d08335ffa8d07dd67da2535b93dfb
4bd4369f1b8a975ed0ae3375263b4498d75348a3f11aa157190059785d7f2d99
4c9c6eb47856d442f45cf046b66d2cc2c2e433ec90ffd1b423102439ee72f773
4d89570e3c368362cfa868b839ee66421e2e5b77af40ee28b9c8f2291d152c2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560dc76e053e80d8e6d17f8019031f0887bd6698457b9f518c61d1c2f2a07ba2
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5ed80ff897e6bf92a18359e6954c0787a6ae4e687f8335e277cac6e9cab21f0a
6063432be46ca55f0d84f131a07d66d3650d5eefd62db3d3b64378ffb6230b12
66fe7afc64972ab068f177ad9791d87d03f4c008e2f10bf6cc1bf54a7875ecd6
67eb93f26b86cb08c3238169f4c48f3c41e365d06dbf083a67adf99fb1376b6b
69a2de0fd28f14c641e37b071794b5a0c22dc0fc9eb33de52b4ccedcf3f164fb
6b46737ec17d04244eb04c2c164cf604b1d41e5176e524a536eefdda3de056a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8c51c2c3a3e491d06b467411cf947bb0c861d5277a3843e64178873ec2bda3
6fc052c3766e0a6cf21c6b6edfa55bc0103100d5ae2775e476ee666b8d5059ab
70f0ecc878b279d5143ec1fce7ce30836aa5c34e6c1d71321e9ab114b8dbb4a2
7140bc01a5ee31f0c7243fb81ab0fe56bedf71cd8e59d254de8b56205d13fb5b
7142171e55b996893be1bf0349c55d286825a4cfdd09e7d692e1c2a039ced056
74cdf403328e05d3e0396d654cf9e5b9a6f7abb040f13b2bdcbc296fe7ef89d2
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
7a4664dfeeddafe56a17d6e53c6fe3dd27aefc359dceaf8f7c8621bba26c1ef6
7b35477c513fa53f0bf8444dced2f43b73f268889523c094b3083ea3c2f939bc
7bc5ac01366b0ab538628362630b341b57d3ed52448e258e57dd2b945ec7d2db
82d1b96059dc0b80248c1479fd57f467c051afd33cfdd4d1ae925dc2d5adad97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b5f7fbd80b0b8d395aca3cf634a3041fc5a74ed2d6289e9e520edbd8430bd1
876f24ae1a71149e0e9c92f1d45c4063a68018090ab23e2a070150d79b713fd2
888d75aecd5176a84f63277535516ba6ac90c0684e2b092cb16b06a1ad01b8e2
897f11f7ee77a6709c521d1198f7c0e15afc426206da9a052092bb89aafc5592
8998313b74281b57426a8401eeefbfa8f2c57d06ee1f4be0113861342f071c76
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b27f074839b488971b488a220304026eea138032d8813f3d97742e4bdabb05d
8d528fa7f2e49038400bc2a99cb777f3b57cb55e0b485c117957478e12b00266
8dd5c5463a2ec67c817b73a156f67e735e3927fa649c282dc3b26341ff342325
8ef5b1a82a19c31f7f6b2e195469a94b781bdc74bfb59532b907bf19cdb781d5
90bf2b274ce0c3c273000de7c5f43570557a670a9056e4c603e30e85d67abec9
90f48a71b4ff0b07308674b4a8d3f73faef08cf0529fe1311b2f2dc95824efae
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
932f8c25f1bb080962df4e0c2c9f26a80b09d8d7930293d58e8ac28cc59c21c9
944435aa27eddf61bdbd939b3cdaffec229d728ce99128d586cea90e002b99dd
94e7960c543cd9fbd6379a94e3043733f90b47b4ad16a710346c47f95e140801
9afaa278ea0e074ecd69f4aed8c558bcd645c220bcd8e1bdbc7b82fe3fb1ec4f
9bac2f8ceda4f46b11e9c5093556f52dd811345aa268ee3ee9b833ccc91fd15d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a098e4d0cf6d0f265f986eb7f8208a39d941a08e8fe9d001471b6895b1de21
a0cb6786a44d4435d953644bf2a1a9fff74c8b739d31809fc289861d9f741c7a
a14cbb010a0e7d8425c7da3046665c9c5f208edee64c6166d3138db6f76d57a8
a1a5a6bf17e24ca8be6cda214c51464207e1131885d520c81739b11ed1f906c3
a3783b165f1dd675afff59d44fbf4efc465f6401d6f5e32fdb2c35cfdecf7767
a3799b68416f0e0a806f9f77884f448a991fd8a6c2139d58638622479762a0a3
a6034cfa207c5f6437c210dfc281a3ed312b26c5b0ea227a8fbb83723d179634
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7d9347ee436bce21bc7e27c564113e3ab9f19fb39abce8fe57126481389a75a
a80fcadcc85409d006fd531207093285316ef81c4ee7586eac3be5c8f05647c1
a94768a824ce186cf0adf17fe7e71b76e573ef99b8096c1ee2ba382b40321478
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedd0ce5ba0835ee181fb4dc050c525056f08bf0868c4c4229a388c7d520d1c9
b027b018858523b7400b3effccdb4342a66a9c9d76c313a1ec3409854aa26733
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1651e1f0e9d7ca3d20126df0dce5b8cde6a4b3e864b0509e587575c5246cd10
b416f54960c9aaf84eb52b93bebae5c28365bd29496bd8f7482b8da229b5346c
b6b8b3ec20c3541632993f81fcca537024da6dce706c462e993aaddeee3f5654
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c02c3848bb2ddc2f5ee9c5164c86d37ac3310c522399e21a436a16cbab49c61e
c355a806cad74f9c78813de1da0fdd068a4172573b63c29ef2fe07d7b711c44f
c8484124d7abea9eec7e57a8e06cfa9119ccd4bb6c0f728b0c5ff46baeb213d3
c875bf5170ca3c81f63363a8368862f47a98f46aa16d228343ac9403554b9970
c8c58d04f7a14ba57a9609d0378d61e04aeed81184c42b10b86ea49c95570524
caa8a3e37f2e506a4b7a37d3f07b944b913267e7d52b2a3014ab98415946f801
caf5d0e6f2303e4e6f84b8b5c0454f96f03fb5515e79956563c8cd36651f35fa
cbda053f96c9f37e0b1ccdd76e1ce03e317819f601582d5bfa7531779c25119a
d2bc5770383a23f675a336b966decd92c477d40ac921864e2582197fe015e57e
d4edcf187ca40e953bdaca2bc3ac27925e36b09353602b65a13125ffdca543cb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de40af2117ef6af64db6544937cd43c81bc626d032e7d140cc55275b6e35ad08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb91e77384f9aff2e81a868ae4f2ae6fb5940c573d0e39088ff637414b4ffed9
ed06cb7e07f6273a1f366bafc7975082b76f5257b724ecfe805070b086554dae
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef07f3dbbf910c2a39c01c7674bd33adbe7b2cdade522bd51fc3f353af76857b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9546bbb3aa4412b0bf0fd072953006c14a0f97f7318e5c4466d4eeabf6b0ca
f0a8727e5c4167cc6ec4dc19fbaa532c6a3a7f12f66fc544b4372742e4e92368
f0d3a2a00ea506e0761defc9c27e05ff087c0f932e15fbc5e5d61c33a78c2b99
f2bb002acec34fd0a15f9b2d7e608fd93e57bf419633a565e080813e597fe284
f3fde8d6d0a717a371c6195411c563abf9c1e4cce5c61ff7dd905a6acdbdd2a6
f5785fb5afc1e4b544432f919b3ae7f17e45feaa7263437f3f5093ae62cda09f
f60a91364c1a3d1882d5146550072519c5f9300f52dd7a11428946777fc870c0
f7c9604c95debab0b31ea8a73098131c74024e5fae31e8849215609bf811e7f8
f88a788ef48babac28441c2e088116891bcb4bea1bbc0fb58f91bbd93b0d643c
fb61ae019f5d7f280152f89681544d7fbef4e1f49f9a6f22e87cca4bcc2c7752
fbaec82a37593d73f3f5805f404875fc43af9fe6f6cac6a0a17bcc7a896917c0
fefdb75b90b67b6ebaa87b535e142b1c0b83b90fc7d86a6e597215c6c5b6017b
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

m.annanmode.com Open in urlscan Pro 210.114.0.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

193 Requests

96 %HTTPS

28 %IPv6

56 Domains

69 Subdomains

65 IPs

12 Countries

11395 kBTransfer

18869 kBSize

66 Cookies

2 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.annanmode.com Open in urlscan Pro
210.114.0.217 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

96 %
HTTPS

28 %
IPv6

56
Domains

69
Subdomains

65
IPs

12
Countries

11395 kB
Transfer

18869 kB
Size

66
Cookies

193 HTTP transactions
0 data transactions